To ensure that all API usage of LeanKit is up to date with our security standards, two changes will come into effect on August 1st 2016:
-
We will no longer support non-secure access to our APIs
-
We are deprecating the use of the LeanKitKanban.com domain
So, all future API calls need to use the following format: https://{hostname}.leankit.com
If your project is using LeanKit APIs with one or both of the following:
-
plain, non-SSL HTTP protocol (e.g.
http
://{hostname}.leankit.com
) -
the legacy URL leankitkanban.com, (with or without HTTPS, e.g.
http://{hostname}.
leankitkanban.com
orhttps://{hostname}.
leankitkanban.com
).
it will need to be updated in order to continue to function as expected.
What you need to do
To ensure a smooth transition, please update your code as soon as possible. Any use of plain HTTP or of leankitkanban.com
will need to be changed. If you do not make these changes, all API calls from your application will fail.
In the following examples substitute your LeanKit account's hostname for {hostname}
, i.e. If your LeanKit account is at acmecorp.leankit.com
, then acmecorp
is the hostname.
-
example one:
http://{hostname}.leankit.com
becomes
https
://{hostname}.leankit.com
-
example two:
https://{hostname}.leankitkanban.com/kanban/api/boards
becomes
https://{hostname}.
leankit
.com/kanban/api/boards
Black Out Tests
To prepare for the August 1st cut-off date, we will run two “blackout” tests, each for 2 hours, so that you can ensure that API calls in your app no longer use non-secure HTTP or reference leankitkanban.com
. If you have changed your code as described above, your app should function normally during the blackout window. If you have not updated your code, then during the 2-hr blackout window all API calls from your application will fail.
Dates and Times
-
First blackout window: 7 July 2016, 13:00-15:00 U.S. Central Daylight Time (CDT) / 18:00-20:00 UTC
-
Second blackout window: 21 July 2016, 09:00-11:00 (CDT) / 14:00-16:00 UTC
-
Non-SSL calls deprecated: 1 August 2016, 10:00 (CDT) / 15:00 UTC
We recommend that you make the switch before the first blackout to avoid disruption. Our support team is available to help make this transition as smooth as we can for you.
Our Support team is reachable at support@leankit.com
or at support.leankit.com