watt.migrate.hidePassword Controls whether an encoded database password for a JDBC connection pool alias will be saved in migrate.dat.

watt.net.http.connect.performSSRFcheck Specifies whether SSRF checking is performed for direct outbound connections.

watt.net.http.ssrf.allowlist Specifies a comma-delimited list of regex expressions for allowed host names for SSRF checking.

watt.net.ssl.server.preemptivelyCloseSocket Specifies whether Integration Server preemptively closes the SSL socket for a port that requires or requests certificates instead of waiting for the port keep alive timeout to elapse.

watt.server.event.monitor.timeout Specifies the number of seconds that elapse before the socket monitor thread created for a Designer session times out, terminating its server thread and the associated event listener thread.

watt.server.getLastError.removeLastError Specifies whether Integration Server removes the "pipeline/lastError" document from the output of the last invocation of the "pub.flow:getLastError" service. Set the parameter to true to avoid "out of memory" issues when the exceptions are high while invoking pub.flow:getLastError repeatedly in a flow service.

watt.server.hostAllow.service Specifies the name of the service that returns the allowed IP addresses or hostnames in the CSV format. There is no default value.

watt.server.hostAllow.service.refreshInterval Specifies the interval at which the service that retrieves allowed hosts updates the list of allowed hosts. The value 0 indicates that the refresh interval is not specified, and the service runs only on demand. There is no default value.

watt.server.hostDeny.service Specifies the name of the service that returns the denied IP addresses or hostnames in the CSV format. There is no default value.

watt.server.hostDeny.service.refreshInterval Specifies the interval at which the service that retrieves denied hosts updates the list of denied hosts. The value 0 indicates that the refresh interval is not specified, and the service runs only on demand. There is no default value.

watt.server.http.url.forbidCRLF Specifies whether Integration Server prohibits the carriage return/line feed (CRLF) characters, specifically the character sequences "%0D%0A" or "%0A%0D" in any case combination, in the URL for an inbound HTTP request.

watt.server.log.forbidCRLF Specifies whether Integration Server prohibits the carriage return/line feed (CRLF) characters, specifically the character sequences "\n", "%0A", "\r", or "%0D" in any case combination, in the Integration Server logger message parameters.

watt.server.logical.hostname Specifies a unique logical name to identify an Integration Server instance that connects to the same database instance as other Integration Server instances. Integration Server uses this value in internal database tables to identify itself as the owner of a lock of a namespace object.

watt.server.maxzipfilesize Specifies the maximum zip file size (in MB) that can be unzipped by Files.unzip().

watt.server.oauth.token.short Limits OAuth access tokens and refresh tokens created by Integration Server to 32 bytes.

watt.server.serviceResults.cache.encode Specifies whether Integration Server encodes service results before serializing the results and placing the data in the service results cache.

watt.server.serviceResults.cache.strict Specifies if Integration Server caches and returns values for the parameters defined in the service signature only or if the entire output pipeline is cached and returned as well.

watt.server.smtp.authentication.type Specifies the type of authentication that Integration Server should use to connect to the specified e-mail server.

watt.server.smtp.oauth.accessTokenURL Specifies the URL that Integration Server uses to request an access token from the OAuth server.

watt.server.smtp.oauth.authorizationCode Specifies the authorization code used to get an access token manually in scenarios where browser support is unavailable.

watt.server.smtp.oauth.authURL Specifies the URL of the email provider or endpoint that Integration Server uses to request authorization code.

watt.server.smtp.oauth.clientID Specifies the unique public identifier that the OAuth server generates for Integration Server during registration.

watt.server.smtp.oauth.clientSecret Specifies a unique string that the OAuth server provides to Integration Server while registering Integration Server as an application, which is known only to Integration Server and the authorization server.

watt.server.smtp.oauth.redirectURL Specifies the URL that the OAuth server uses to send authentication responses to Integration Server.

watt.server.smtp.oauth.scope Specifies the mail server access permissions configured for Integration Server during registration. You can specify multiple scopes separated by a space.

watt.server.smtp.oauth.token.refreshInterval Specifies the time interval in minutes when the cron job is scheduled to fetch a new access token. The default is 15 minutes to fetch a new access token by using the refresh token and email notification settings.

watt.wmcloud.sendResponse.retryCount Specifies the maximum number of retry attempts that an on-premise Integration Server makes when a failure occurs when sending a response to the Cloud.

watt.wmcloud.sendResponse.retryDelay Specifies the number of milliseconds that an on-premise Integration Server waits before making another retry attempt after a publish attempt fails.

watt.adminapi.group.readOnly To give a local user (a user defined on Integration Server) read-only access to the Administrator API, add the user to the ReadOnlyAdministrators group. To give a user in the Central Directory Service read-only access to the API, add the group to which the user belongs to the ReadOnlyAdministrators ACL.

watt.core.datatype.usejavaregex No replacement. Integration Server uses the Java regular expression compiler while validating supplied XML against an IS document type, XML document type, or IS schema. Previously, Integration Server used the parameter to specify either the Java regular expression compiler or the Perl5 regular expression compiler and pattern matching. However, the Perl5 regular expression compiler is now removed from the product.

watt.net.ssl.client.cipherSuiteList No replacement.

watt.net.ssl.client.ftps.useJSSE No replacement.

watt.net.ssl.client.handshake.maxVersion No replacement.

watt.net.ssl.client.handshake.minVersion No replacement.

watt.net.ssl.client.strongcipheronly No replacement.

watt.net.ssl.client.useJSSE No replacement.

watt.net.ssl.email.client.useJSSE No replacement.

watt.net.ssl.email.client.smtp.useJSSE No replacement.

watt.net.ssl.server.cipherSuiteList No replacement.

watt.net.ssl.server.handshake.maxVersion No replacement.

watt.net.ssl.server.handshake.minVersion No replacement.

watt.net.ssl.server.strongcipheronly No replacement.

watt.server.metadata.registry.timeout No replacement.

watt.net.http.redirect.performSSRFcheck When SSRF checking is performed for redirected outbound connections, Integration Server now verifies that the host to which the request is being redirected is on the allow list established by the watt.net.http.ssrf.allowlist parameter. Previously, Integration Server only verified that the redirected URL was not a private address.

watt.net.socketProvider The default value is now com.wm.ext.jsse.JSSESecureSocketFactory. Previously, the default value was com.wm.ext.iaik.IaikSecureSocket.

watt.server.compile Integration Server now validates the value of this parameter to ensure that it is a compiler command.

watt.server.content.type.mappings Integration Server now prevents the watt.server.content.type.mappings from mapping another content-type to application/merge-patch+json. If the watt.server.content.type.mappings value is changed to include application/merge-patch+json, Integration Server Administrator displays the following error “The Content-Type mapping to application/merge-patch+json is not allowed”.

watt.server.rest.includeNullFieldsInResponse The default value of watt.server.rest.includeNullFieldsInResponse is changed from "true" to "false".