AsyncAPI Spec 2.4.0 Release Notes

Sergio Moya

Sergio Moya

·4 min read

The new version of the AsyncAPI specification - 2.4.0 - is now available.

This is a minor release, and it doesn't bring any breaking changes. You can switch to it by modifying the following value in your AsyncAPI file asyncapi: '2.3.0' into asyncapi: '2.4.0'

Message uniqueness thanks to the new messageId field

As operations have OperationId, AsyncAPI messages can now define messageId. This new field is used to identify a message across a whole AsyncAPI document uniquely. This new field will be helpful in tools that ask the user to select a message as input, such as validating their schema or filtering code to be generated.

For example:

1asyncapi: 2.4.0
2components:
3  messages:
4    SomeMessage:
5      messageId: SomeMessage
6      payload:
7        type: object
8        properties:
9          name:
10            type: string

This new feature was contributed by Waleed Ashraf. For more detail, see Waleed's /spec #751pull request and the GitHub issue where Waleed's MessageId feature addition was discussed.

Server Variables can be now referenced from components

To allow for more flexibility in how AsyncAPI documents are structured and enable content to be reused, serverVariables can now be defined as reusable components.

For example:

1asyncapi: 2.4.0
2servers:
3  development:
4    $ref: '#/components/servers/myserver'
5  production:
6    $ref: '#/components/servers/myserver'
7components:
8  servers:
9    myserver:
10      url: "{stage}.my-server.com:{port}"
11      protocol: ws
12      variables:
13        stage:
14          $ref: "#/components/serverVariables/stage"
15        port:
16          $ref: "#/components/serverVariables/port"
17  serverVariables:
18    stage:
19      default: dev
20    port:
21      enum: [5000, 6000]
22      default: 5000

These are added to the many other aspects of the AsyncAPI specification which can be declared as reusable components. You can see the full list in the Components Object section of the AsyncAPI specification.

This new feature was contributed by Daniel Kocot. For more detail, see Daniel's /spec #717 pull request and the GitHub issue where Daniel's change to serverVariables was discussed.

Security can now be defined at Operation level

Until today, Security requirements were defined at Server level. That restricted the security requirements to be the same for all channels linked with a Server, and for all operations of those channels. In fact, when setting Security in both the Server and the Operation, both should be satisfied.

For example:

1asyncapi: 2.4.0
2servers:
3  production:
4    url: "mykafkacluster.org:8092"
5    protocol: kafka-secure
6    security:
7      - service_auth:
8         - auth:write
9         - auth:read
10channels:
11  some/events:
12    servers:
13      - production
14    subscribe:
15      # This operation level security implies the ability to subscribe to messages from
16      # `some/events` channel with Authorization headers 
17      # that have `auth:read` scope. Note that an operation level security must still satisfy 
18      # security requirements specified at the server level.
19      security:
20        - service_auth:
21          - auth:read  

Thanks to Sekharbans, is now possible to increase security granularity by defining a set of security requirements at Operation level. For more detail, see Sekharban's /spec #584 pull request and the GitHub issue where Sekharban's suggested feature was discussed.

Reusability of Servers defined in Components is clarified in the specification

Reusability of Servers was introduced in AsyncAPI 2.3.0. However, the change was not fully clarified in the specification, leading to confusion.

Thanks to Vladimir Gorej, this is now clarified by mentioning that elements for the Servers Object can be either Server Object or a Reference Object. For more detail, see Vladimir's /spec #706pull request and the GitHub issue where Vladimir's Servers Object change was discussed.

Tooling support

The following official AsyncAPI tools are already updated to support 2.4.0 version of the specification:

  • JSON Schema that supports validation of AsyncAPI documents is updated in this repository. Also @asyncapi/specs package has been updated on NPM to version 2.14.0, and it contains the 2.4.0 JSON Schema.
  • JavaScript Parser uses latest @asyncapi/specs package and can be used to parse and validate 2.4.0 documents. Upgrade to 1.15.0 version.
  • HTML template uses the latest @asyncapi/react-component package. Upgrade to 0.24.9 version.
  • JavaScript Converter enables conversion from any AsyncAPI version into the 2.4.0 version of the spec. Upgrade to 0.11.0 version.
  • Generator uses the latest @asyncapi/parser package, so while generating output, it can validate 2.4.0 documents. Upgrade to 1.9.3 version.

Last but not least is the AsyncAPI Studio. Check out the Studio with this example.

Look ahead

We aim to have a regular cadence of releases of the AsyncAPI specification, four times a year. For more information about when to expect future releases, you can see our release process document.

We're also working on the next major release of the AsyncAPI specification: 3.0.0. If you'd like to contribute, or just follow the discussions, you can see Work on 3.0 release issue.

Photo by Alexandru Tudorache on Unsplash