Prior to Polaris 7.6 Polaris was pretty loose with enforcing the version numbers it accepted in this PAPI call:
- /PAPIService/REST/protected/v1/1033/100/1/authenticator/staff
Because there are now two versions of this method, it will ONLY accept v1 or v2 and will generate a HTTP 400 error for all other version numbers.
Some 3rd parties have been constructing PAPI calls that were always incorrect according to the PAPI spec, but had been previously accepted.
For example, TBS (at least version MyPC v6.7.1.5) is incorrectly calling:
- /PAPIService/REST/protected/v6.1.207.0/1033/1/1/authenticator/staff
This will now fail in Polaris 7.6+. Again, the documented way of using v1 of this method hasn’t changed since 2016, but the versioning is now being strictly enforced in v7.6+. My guess is the version number here is the TBS version when MyPC first added PAPI support. Not the PAPI method version which is what should have always been used. TBS also is using a non-preferred appID (1 instead of 100) but for now that doesn’t seem to cause any issues.
If you have other vendors who you know are using the PAPI call incorrectly, consider responding with them here so other customers can check before they upgrade.