Apigee Edge changelog

Version 0.3.1

Changed so that async activities are built in the Preflow-Enforce flow and enriched with the response in the Postflow-Enforce flow

Added Credential Intelligence, with support for:
- Credential path matching via exact route or regular expression
- Extracting credentials from body, header, or query-param
- Single-step (v2) and multistep (multistep_sso) hashing protocols
- Reporting on login successful via status code, body regex, or header
- Sending additional S2S activity automatically or transfer via request headers
- Sending the raw username on the additional S2S activity if configured
Fixed an issue where third-party URLs in block responses were missing https://

Added CORS, with support for:
- Preflight request filtering
- Default or customized block page CORS headers
Added Account Defender, including support for:
- Reporting of the cross tab session cookie
- Extracting user ID and additional fields from cookie- or header-based JWT
Minor bug fixes and compatibility improvements.

Replaced non-ES5 functions (e.g. Object.assign, Array.prototype.includes, String.prototype.startsWith) for compatibility
Modified shared flow configuration version to be 4.0 (the only supported version)