TLS Deprecation

On Oct. 1, 2020, we will disable TLS1.0 and TLS1.1 access to the Sailthru API. To prevent a service interruption, your integration must begin using TLS1.2 before that time. After Oct. 1 at 12:01 a.m. EST, we will not accept requests to our API sent over TLS1.0 or TLS1.1. The connection will be rejected. Your integration with Sailthru will stop working at that time unless this change is completed.

Am I affected by this change? Since late July, we sent multiple, direct notifications to customers who we observed using Transport Layer Security (TLS) 1.0 or 1.1 to access the Sailthru API (https://api.sailthru.com). This may be through an integration directly from a content management or ecommerce platform, or through a third-party vendor. If you have questions about your account, whether you received a message or not, please feel free to contact Sailthru Support to confirm your account’s behavior. Why is Sailthru making this change? Security is paramount to our team and your partnership helps us keep your account and customer data secure. We are disabling these less secure protocols to protect your data as it crosses the public Internet and to align with industry best practices and standards. What action is needed? To prevent issues connecting to the Sailthru API, we ask that you update any programs or applications to use TLS1.2 when connecting the Sailthru API at https://api.sailthru.com. We highly encourage this transition to take place prior to Sept. 15, to provide ample time for troubleshooting. How can I test my changes? We created a temporary API URL that only responds to requests using TLS1.2. This URL matches the behavior of Sailthru's API beginning Oct. 1. This testing URL is https://apitmp.sailthru.com and it allows the full set of API endpoints for your account. Please note these important details about this endpoint:

• Do not use for production-volumes of data, please only use for testing.
• The endpoint uses your existing API key/secret, which will GET/POST/DELETE from the account from which you acquired the credentials. Remember, this means you may be modifying your production account and its data. If you need access to a Sandbox/Development Sailthru account, please contact Sailthru Support or your Customer Success team member.

We will disable the testing URL shortly after Oct. 1, 2020. What if I have questions? Note that our Support Team is unable to advise on specific details regarding how your internal systems are set up. The Support team is able to provide contextual information about the API calls that are still leveraging TLS 1.0 or 1.1, such as IP address, user-agent, and the endpoints being called (send, user, etc.).