Heatmaps will no longer be visible within Private User Sessions under the Viewed Media event as of August 21st, 2023. The Viewed Media event will still show up in session logs, however it will no longer contain a heatmap.
Private User Sessions provide a log of manager, collaborator, and user activity within an account, and despite the inclusion of Heatmaps they were never intended for use as an analytics tool. Additionally, as this page has become outdated relative to other pages in the app we have run into certain issues with loading these Heatmaps consistently. As a result of these concerns, and future data retention considerations, we have chosen to remove them from Private User Session logs altogether.
A week before the removal, we will put a deprecation notice on the Private User Sessions page to inform users that Heatmaps are being removed from these logs.
On August 21st, Heatmaps will be officially removed from Private User Sessions.
This change primarily affects anyone using Private User Sessions to look at Heatmaps for viewing sessions by logged-in users. Any user on the account who logs in with email or SSO has their activity excluded from public stats pages and collected in Private User Sessions instead.
Heatmaps will no longer be available for viewing sessions by:
- Account Owners
If you are using Locked Projects to share videos privately and need to see Heatmaps for these viewers, we recommend looking into the Password Protection feature, which lets you gate videos with a password and enable private sharing without needing to invite a viewer by email. Alternatively you can embed the videos on a gated site instead.
Passing authentication tokens or passwords via query parameters is unsafe - from malicious actors and from passwords being exposed in logs. Wistia will be deprecating this functionality in favor of bearer tokens or other authentication schemes. Please see the docs for more info on how to query the API.
We will deprecate this functionality on July 30th, 2022
Please note, we will be performing brownouts on June 30th, 2022 and July 14th, 2022. Brownouts will disable query param auth functionality for a period of time so that our customers may test their new authentication and any customers unaware of the deprecation can be notified before the deprecation fully comes into effect.
On June 30, 2022 we will be browning out query param auth for 24 hours, starting at 9am ET.
On July 14th, 2022 we will be browning out query param auth for 24 hours, starting at 9am ET.
We will anonymously audit our API logs and reach out to customers who recently used our API with query param auth. In the meantime if you find you are passing authentication by query param, don't wait for us! Please switch to using bearer tokens or any other form of authentication as soon as possible.
Our rate limiting code currently throws a 503 status code when an account has reached its rate limit. There is a code specific to rate limiting - 429 - that we should be using instead.
We will Deprecate this functionality on March 7th, 2022
A code audit will be needed to see if your API code is affected by this code change.
TLS stands for Transport Layer Security and is the protocol used for securing HTTPS pages. The IETF has deprecated TLS 1.0 and 1.1 as they are vulnerable to attacks that can recover potentially sensitive information.
We plan to deprecate the ability to request information from any Wistia webpage by Febuary 18th, 2022.
Wistia has anonymously gathered log information and will be contacting account owners if they have accessed the API recently with a TLS 1.0 or 1.1 connection.
Otherwise, if you are using a modern browser you should be unaffected by this deprecation.
Updated about 2 months ago