# 7.3.0

The list of features & fixes provided by this release can be found [here](https://github.com/Activiti/Activiti/milestone/43?closed=1).

The Maven artifacts can be consumed from Alfresco Nexus:

```markup
<repositories>
  <repository>
    <id>activiti-releases</id>
    <url>https://artifacts.alfresco.com/nexus/content/repositories/activiti-releases</url>
  </repository>
</repositories>
```

*Activiti Cloud:*

```markup
<dependencyManagement>
   <dependencies>
     <dependency>
       <groupId>org.activiti.cloud</groupId>
       <artifactId>activiti-cloud-dependencies</artifactId>
       <version>7.3.0</version>
       <scope>import</scope>
       <type>pom</type>
     </dependency>
   </dependencies>
 </dependencyManagement>
```

*Activiti Core*

```markup
  <dependencyManagement>
    <dependencies>
      <dependency>
        <groupId>org.activiti</groupId>
        <artifactId>activiti-dependencies</artifactId>
        <version>7.3.0</version>
        <scope>import</scope>
        <type>pom</type>
      </dependency>
    </dependencies>
  </dependencyManagement>
```

## Changes from previous versions

### API changes

This version comes with the following changes in the APIs:

* New endpoints to retrieve users and groups available on Runtime Bundle and Modeling Service:
  * `GET /v1/identity/users`
  * `GET /v1/identity/groups`
* APIs retrieving process instances are also returning process instances to users involved in the instance, i.e. assignees and candidates of a task. In the previous version, only the process starter was able to see the process instance. This change concerns: &#x20;
  * the Java API `ProcessRuntime.processInstances().`
  * `The REST APIs:`
    * `GET /rb/v1/process-instances`
    * `GET /query/v1/process-instances`

### Replacement of Keycloak security configuration with Spring Security

In order to don't be tied to a specific implementation, the System properties used to define security constraints stopped using the prefix `keycloak` in favor of `authorizations`. I.e.

```
keycloak.security-constraints[0].authRoles[0]=ACTIVITI_USER
keycloak.security-constraints[0].securityCollections[0].patterns[0]=/v1/*
keycloak.security-constraints[1].authRoles[0]=ACTIVITI_ADMIN
keycloak.security-constraints[1].securityCollections[0].patterns[0]=/admin/*
```

**Becomes**

```
authorizations.security-constraints[0].authRoles[0]=ACTIVITI_USER
authorizations.security-constraints[0].securityCollections[0].patterns[0]=/v1/*
authorizations.security-constraints[1].authRoles[0]=ACTIVITI_ADMIN
authorizations.security-constraints[1].securityCollections[0].patterns[0]=/admin/*
```

### Migration from Springfox to Springdoc

`Previously Activiti was using Springfox to generate the Open API specification from the REST controllers. This has been migrated to use Springdoc instead, what leads to some changes in the generated specification:`

* The key words `Of` and `And` disappear from the class names. For instance, `ListResponseContentOfCloudProcessDefinition` becomes `ListResponseContentCloudProcessDefinition`.
* the URL for group API uses a path parameter instead of a query parameter. For instance, `/v3/api-docs?group={groupName}` becomes `/v3/api-docs/{groupName}`.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://activiti.gitbook.io/activiti-7-developers-guide/releases/7.3.0.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.