Release Notes

Aidbox release notes

Aidbox release cycle is about 2-4 weeks. Stable releases are labeled with the version number like 0.4.0See the list of versions on docker-hub.

The version under development is published with -SNAPSHOT and -RC[x] postfixes. For example, if the latest release was 0.3.0, you will see the 0.4.0-SNAPSHOT version during the development, and 0.4.0-RC1 during a stabilization period in the registry.

Starting from 0.4.0, Aidbox.Cloud supports clusters that can be located in different geographic regions and run different Aidbox versions. Clusters that are labeled stable have the latest stable version (i.e., max(version)). As well, clusters with the edge label run the latest development version (snapshot or release candidates).

  • Current stable version: 0.4.9

  • Next release in February: 0.5.0

Road Map

  • Aidbox production supervisor

  • Brand new profiling

  • V2 & x12 integration modules

  • New performant and flexible search engine (friendly indexing system)

  • Bulk API (export, import)

  • $upload

  • Uni-version FHIR server (i.e., support all FHIR versions, probably not all resources)

  • Async validation

  • Terminology under fhir prefix (issues #51 #50 #38)

  • _filter parameter support

  • Managing Indexes by AidboxIndex meta-resource



0.4.9 [9 March 2020]


0.4.8 [16 December 2019]


Plenty of bug fixes!

0.4.7 [26 September 2019]


Now references to contained resources are represented as localRef attribute in Aidbox Format

  • Managed SQL for FHIR search by SearchQuery

  • A default timeout for Search Operations with _timeout param for high-load

  • Ordered search in $lookup

  • microseconds precision for timestamps (Resource.meta.lastUpdated)

  • Better Aidbox <=> FHIR conversion for first-class extensions

  • Added JWT sub & iss and client IP address to logs

  • aidbox-cli elastic search logger now creates a new index for each day

  • Upgrade/Fix PATCH to be fully RFC conformant

  • Added X-Client-Auth header

  • Added cts column (createdAt) to resources (read more).

  • Entity.history='none' for custom resources to turn-off history

  • Unique validation by isUnique=true in Attribute

  • New Test toolkit stresty to report bugs and test regression (see samples).

0.4.6 [2 August 2019]

It's time to upgrade your database - please stop your container and change image to aidbox/db:11.4.0 !


  • In REST Console support for multiline URL line using \

  • New /<RT>/$lookup operation for efficient lookup search in millions of records - read more

  • AidboxQuery extended with count-query and params types and defaults

  • New /<RT>/$load and /$load bulk operations were added and $import was upgraded

  • aidbox/db upgrade to 11.4 + fixes in json_knife pg extension - (deep patterns, indexes)

  • Highlighted logs for humans in Aidbox.Dev by default: docker logs -f <your-box-container>

0.4.5 [3 July 2019]


0.4.4 [17 June 2019]


  • Support for RFC-7662 Token Introspection with TokenIntrospector resource. JwtAuthenticator is now TokenIntrospector as well with type=jwt

  • GraphQL Alpha - see GraphQL in Aidbox user interface

0.4.3 [20 May 2019]


  • Sequence API - use PostgreSQL sequences through REST API

  • Operation bound policy in App manifest

  • Clear resources deleted in App manifest (#70)

  • Bulk load terminologies - tutorial

  • Logs from Aidbox to ElasticSearch - tutorial

Bug Fixes

  • Sort by polymorphic elements (#90)

  • Fix ge and le operators for date search (#85)

  • Search _has and param name with dash (#95)

0.4.2 [22 April 2019]


Bug Fixes

  • Auth first_party JWT session

  • html sanitise in Narrative

  • Fix date validation

  • Better validation error reporting

0.4.1 [8 April 2019]

This release is mostly dedicated to stabilisation of new auth module. Check-out it's documentation!


  • Support for _txid parameter and ETAG header for history pooling

  • Support for X-HTTP-Method-Override header for inflexible http clients

  • Support X-Correlation-Id and X-Request-Id headers

Bug Fixes

  • Reference search with :identifier - #47

  • Support for isOpen for applications - #69

  • Failure of search with invalid search param - #65

  • FHIR transaction endpoint urls without / - #62

  • Search: multiple _sort parameters - #73

0.4.0 [22 March 2019]


  • New Auth module (OAuth2, OpenID Connect and SCIM implementations)

  • Web UI for Aidbox.Dev

  • Migrate to Java 11

  • Clusters in Cloud

Breaking Changes

  • Auth module endpoint's changed oauth => auth

  • Structure of Auth Client and User changed

  • Turn-off insecure Aidbox.Dev start - now you have to provide AIDBOX_CLIENT_ID and AIDBOX_CLIENT_SECRET

Bug fixes

  • Fix search by reference with :identifier modifier

  • Fix value when performing search inside Compartment

  • #51 Fix CodeSystem create on /fhir api

  • #49 Fix _sort with dashes in parameter name

0.3.5 Hotfix

  • #51 - Fix CodeSystem create on /fhir api


  • Subscriptions $poll operation and webhook channel: Subscriptions;

  • Fixed Aidbox to FHIR data transformation bug when polymorphic attributes wasn't properly handled in recursive elements such as QuestionnaireResponse.item

  • Support _total search parameter (_totalMethod=count also works)

  • Support page search parameter (_page - also works)

  • Added $query - SQL query into REST Endpoint

  • _query - custom search related to resourceType

  • Implemented Compartments for requests like /fhir/Patient/xxx/Observation; Compartments are defined with CompartmentDefinition resource

  • Observation/$lastn is accessible as a part of Patient's compartment: /fhir/Patient/ID/Observation/$lastn

  • Implemented :iterate modifier for _include search parameter

  • Refactored FHIR search engine internals to leverage PostgreSQL's GIN index

  • Add Box-Name headers (allows to specify box, without changing the url)

  • Implement full-text search with RUM indices (requires PostgreSQL 11 with the rum extension)

  • Experimental support for FHIR 4 resources and search parameters

  • Experimental XML support for endpoints starting with /fhir/ prefix


  • Introduced refresh tokens into oauth module;

  • Implemented /Observation/$lastn and /fhir/Observation/$lastn endpoints;

  • Support __debug=policy parameter to inspect and debug request authorization layer;

  • CapabilityStatement metadata endpoint;

  • Added If-Match header support for atomic updates;

  • Fix metadata migration bug (fixes issues #16 and #6)

  • Added complex engine for AccessPolicy resource


  • Started to reflect all the changes in the CHANGELOG.