The newest version of the DFA API is now available: v1.17. This release includes a variety of bug fixes, many of which resolve issues that you reported on our forum. It also pares down a few outdated and unused operations.

Bug Fix Highlights

Some of the bugs tackled in this release include:

• Placement end date validation has been fixed. [Reported on our forum]
• The activeFilter field of AdSearchCritera is no longer ignored. [Reported on our forum]
• Attempting to save an incorrect DefaultAd now gives a more descriptive error message. [Reported on our forum]
• The expectedUrl field of SpotlightActivity is now required. Passing in a null value used to result in a default URL of "http://". It now results in an invalid URL error.

Deprecation and Sunset of v1.15

With this new release, our friend v1.15--the version from two releases ago--is now deprecated. As previously announced, we will continue to support it until March 3rd, 2012 at which time it will be entirely removed from service. Be sure to migrate any applications currently using v1.15 to one of the two supported versions by this time. Come benefit from the v1.17 fixes!

Sunset of v1.16 in Early June

Keeping with our standard release cycle, v1.16 will be sunset in early June. Please use this time window to make arrangements for migrating any v1.16 implementations before it is retired.

Complete Release Notes

This post reflects just some of the changes in the release. Our updated release notes page gives you a more in-depth breakdown of what has changed since the previous version. Please refer to this page when upgrading your applications.

As always, we highly value your feedback and questions. Please join us on our forum whenever you’d like to reach us.

 - Joseph DiLallo, DFA API Team

As we continue to improve the DFA API, two upcoming security enhancements are particularly noteworthy. We want you to be aware of adjustments to HTTP support and token lifespan and to take them into consideration when planning the development and upkeep of your applications.

Moving Towards Secure Connections

Last year Google began an effort to improve the security of our APIs with SSL encryption. Most of Google’s Ads APIs already require requests to be made over HTTPS connections. The DFA API will be following suit this year. We’ll consider the use of HTTP connections deprecated with the release of v1.17 in mid-February, 2012. Support for making requests over HTTP will be completely retired in v1.18, expected to launch in May, 2012. Our client libraries will transition to using HTTPS connections during the launch of v1.17.

On the Horizon: Expiring Tokens

Currently, tokens generated from the login service’s authenticate operation do not expire unless the user profile’s password is changed. In the not-too-distant future, API tokens will have a timed lifespan. We will be adding a new error code to represent a failure due to an expired token so that your applications will be able to catch and handle this situation.

We do not have a concrete release date for token expirations yet. It will not be part of the v1.17 release. Please keep an eye on our blog for further updates about this topic. Questions and comments are always welcome on our forum.

 - Joseph DiLallo, DFA API Team