Fixed Rejection Denylist display
We fixed an issue that was causing the Rejection Denylist page to appear as blank.
Expired entries were appearing on the Rejection Denylist page, which pushed out active entries and made the list appear empty. Now only active entries appear.
- October 1, 2021Action Required
Added Stripe SCA payments pluginOpen Commerce
We’ve created a new Stripe plugin,
api-plugin-payments-stripe-sca, and we recommend that all users of the existing Stripe plugin migrate to it.
api-plugin-payments-stripeis now deprecated and will be supported until October 31, 2021. This release also affects the
example-storefrontrepository, which now includes components to support 3D Secure validation.
Thanks to contributor Janus Reith for his input.
The new plugin is designed to comply with the current Strong Customer Authentication (SCA) regulation, part of PSD2 regulation in Europe, which requires changes to how your European customers authenticate online payments.
- September 23, 2021
Added new Allowlists series of endpointsTransactional
We’ve added a new series of Allowlists endpoints that are functionally identical to the Whitelists endpoints, but use new inclusive terminology instead.
In an effort to move towards using more inclusive terminology in our application, we’ve changed all instances of the terms “blacklist” and “whitelist” to “denylist” and “allowlist,” respectively. There may still be lingering uses of the old terminology in API responses or webhooks; please know that we are working on retiring all instances of those terms.
- September 22, 2021
Cleaning up batch webhooks when deleting API keys or app connectionsMarketing
When deleting an API key or removing an authorized app connection, we will remove the batch webhooks created by that key or connection.
When a batch job completes, we send that response body to all created webhooks. Previously, these batch webhooks weren’t cleaned up when a user disconnected from an authorized app, or removed an API key.
- September 14, 2021
Data changes with Apple Mail Privacy ProtectionMarketing, Transactional
Apple is launching Apple Mail Privacy Protection, which may change campaign reporting data. Check out our Apple Mail Privacy Protection Resources for more.
The Apple Mail Privacy Protection changes coming in iOS 15 will change Mailchimp’s email tracking for iOS users who opt in. Check our FAQ, but you may want to review how you use data and features related to opens and user location. If you surface this data in your integration, we recommend providing context on Apple’s changes.
- September 7, 2021Action Required
Adding a limit to Batch WebhooksMarketing
We’ve added a limit to the number of batch webhooks you can create: going forward, you will not be able to exceed 20 batch webhooks for a given Mailchimp account. If you attempt to create a new batch webhook via the POST
/batch-webhooksendpoint and have already exceeded the limit, a 400 status code will be returned. In order to resolve this error, you will have to delete an existing batch webhook via the DELETE
Most users of the Batch Webhooks endpoint create fewer than 20 webhooks for their account. Allowing an unlimited number of webhooks for each account can have performance implications for the API.
- August 25, 2021Action Required
Removed Hydra and Identity services from the development platformOpen Commerce
Version 4.0 of Mailchimp Open Commerce removes the Hydra and Identity services from the development platform. The authentication APIs are now part of the GraphQL server.
Store implementers now need to create their own signup and login interfaces using accounts-js. All existing users will be logged out, but their login credentials should carry over and they shouldn’t have to update their passwords.
Implementers who need Hydra should continue using version 3.x.
Identity and Hydra enabled OAuth 2 authentication and created a single authentication service for both the storefront and the admin dashboard. These services were hard to deploy and overkill for developers who wanted to get Open Commerce up and running quickly.
Reducing the number of default services should make it easier to use and extend Open Commerce. This is part of a broader plan to use libraries for the storefront and admin dashboard user interfaces. Under this plan, the development platform will provide an integration layer, rather than the services themselves.
Removing Hydra and Identity also reduces the footprint of Meteor, bringing us closer to our goal of completely eliminating Meteor from the codebase.
- August 25, 2021
Removing Campaign tracking tagsMarketing
You can now remove the tracking slugs for
clicktalewhen you update Campaign tracking by passing in an empty string.
There was a bug that caused empty strings to be ignored when setting these properties. We’ve fixed updating Campaigns to properly handle these fields: no change if they’re not included in the PATCH body, but removed if they’re passed in as an empty string.