News Flash

Last updated
Save as PDF

This document applies to all license types.
Help Center documentation is confidential and proprietary to Avalara clients.

This page contains announcements and late-breaking releases. Click here for scheduled releases and highlights.

26-Sep-2018 Michigan eFile Transmission Tag error update

Regarding XML formatting to handle the updated TransmissionTag requirements Michigan published on 9/19/2018: We are targeting the fix for 5.34.10 which will be released the evening of 02-Oct-2018.

[End]

09-Oct-2018 and 02-Nov-2018 Internet Browser and API Call Support Changes Coming

This was originally published on 10-Jul-2018 as "1-Aug-2018 and 1-Nov-2018 Internet Browser and API Call Support Changes Coming" (see below). Due to feedback from customers, we delayed the dates and published this updated New Flash.

Internet browsers, such as Firefox, Chrome, Internet Explorer and Edge use Transport Layer Security (TLS) to connect to secure sites like the Avalara Excise Platform. To improve security, Transport Layer Security (TLS) 1.0 support for the Avalara Excise Platform will be phased out over the next few weeks to ensure all browser connections are using current industry standard security protocols. You may have seen a similar notice from other service providers such as the recent notice from the IRS for ExSTARS requiring minimum browsers versions effective 7/13/18.

If you make API (Application Program Interface) calls to Avalara Excise services, the removal of TLS 1.0 support is likely to impact you (IT Departments).

When will TLS 1.0 support end for Avalara Excise?

TLS 1.0 support will be removed in two phases:

09-Oct-2018 6:00 am Central time (USA): TLS 1.0 support will be removed from the Avalara Excise Test (UA) environment (https://exciseua.avalara.net).

02-Nov-2018 6:00 am Central time (USA): TLS 1.0 support will be removed from the Avalara Excise Production environment (https://excise.avalara.net).

Connection attempts using TLS 1.0 will start to get a "Failed to receive authentication HTTP" message. Browsers may display slightly different messages.

What do I need to do?

Check your browser: If your version is less than the version shown below, send your IT department a link to this page and ask them how to get an upgrade.
- Google Chrome version 66
  (Click the menu in the top right corner and then Help > About)
- Mozilla Firefox version 60 or version 52 for large organizations
  (Click the menu in the top right corner and then Help > About)
- Microsoft Internet Explorer version 11
  (Click the gear in the top right corner and then About)
- Microsoft Edge version 42
  (Click the menu in the top right corner and then Settings and scroll down)
  
  Customers who cannot upgrade before the dates above can search the internet for "browser check tls version" for sites that can identify what TLS version your browser supports. Note that requiring vendor supported browsers is a long standing Avalara policy - see Browser Support and Troubleshooting.
API calls: If you are making API calls to the Avalara Excise Platform, we recommend two actions for our customers:
- Begin upgrading your servers and possibly your applications to use TLS 1.2 (preferred) or TLS 1.1 when making API calls.
- Consider upgrading your API calls to the latest version available. To view our API call documentation:
  - Login with a Company Admin account
  - From the menu, click the Developer Content and choose one of the following menu items:
    - Developer Content ' REST Documentation and then look up "AvaTaxExcise Controller" or
    - Developer Content ' SOAP Documentation and then look up "ATE SOAP Web Service 5.27.0 Documentation"
Avalara's Schedule Transaction Importer Application version 5.34.01 should be used after support for TLS 1.0 is removed. Depending on your Windows configuration, older versions may or may not connect. We encourage you to upgrade now to version 5.34.0.1 as it will work before and after support for TLS 1.0 has been removed.

[End]

27-Sep-2018 and 02-Oct-2018 Security certificate changes

Last updated Sep 28, 2018, 3:44 AM by Brian Hulse formatting corrected Sep 28, 2018, 12:55 pm.

Overview

On the following dates, we are changing the security certificates used by browsers and other applications to verify secure connections to the Avalara Excise Platform. Your IT team can begin testing and make updates, if needed, starting now; see below.

27-Sep-2018 6:00 am Central time (USA) Test (UA) https://exciseua.avalara.net

02-Oct-2018 6:00 am Central time (USA) Production https://excise.avalara.net

Why is this changing?

Symantec Corporation, the company who issued our certificates, did not follow industry standard practices. As a result, Chrome and Firefox will soon no longer trust Symantec’s certificates. If we don't make this change, when you tried to browse to the Avalara Excise Platform sites you would see an error instead of our site. Technical people may want to view https://security.googleblog.com/2017/09/chromes-plan-to-distrust-symantec.html for details.

What do I need to do?

If you only use a current version of one of these supported programs to access the Avalara Excise Platform sites at https://excise.avalara.net (Production) or https://exciseua.avalara.net (Test/UA), no action is required.

Mozilla Firefox
Google Chrome
Microsoft Internet Explorer or Edge
Avalara's Schedule Transaction Importer Application

If you are making API (Application Programming Interface) calls to the Avalara Excise Platform, your IT team must act before the dates above.

How can I tell if I'm making API calls?

Your Avalara Excise administrators can look in Admin > User List. If you have a username ending in ".api", you're making API calls and your IT team must act before the dates above.
Ask your IT department if you're unsure.

Can I test my software now?

Yes. We've already made this change to https://excisedemo.avalara.net.

Use your browser to connect to Avalara Excise and

if you can connect and see a login page, then no other action is needed.
if you can not connect and see a login page or get security errors, then your IT team will need to update your browser and perhaps your Trusted Root Authority based on this certificate.

If you use a program to make API calls to Avalara Excise, repeat the tests above with your program and take similar corrective actions as needed.

Your IT team can begin updating now, so that you are prepared before the change occurs.

Notes for IT teams (added 28-Sep-2018)

Avalara takes commercially reasonable efforts to make valid certificates available from our sites. It is your responsibility to properly download and install them in your system.
On Windows, Internet Explorer, Edge and Google Chrome use the Windows certificate authority. Other software, such as Firefox, use their own certificate storage to increase security.
Firefox, Internet Explorer, Edge and Google Chrome all allow you to view and download our certificates by clicking the lock icon in the address bar. Refer to the browser's documentation for more details.

[End]

21-Sep 2018 New look for the Avalara Excise Platform

If you've logged into our UA (test) system in the last couple of months, you've probably noticed that it's sporting a new look. If you haven't – go check it out now. We're highlighting it now, because this new look will be added to production in our next release on the evening of 02-Oct-2018 and we'd love to hear your thoughts. Have your Support Contacts open a case with your ideas and suggestions - we can't promise we'll do them all or how soon, but we are very interested in your thoughts.

[End]

19-Sep-2018 Michigan eFile Transmission Tag error

2:00 pm update: We exchanged emails with the state regarding this error but for now, requesting an extension is still the best option.

We learned yesterday that the State of Michigan responded with an error message when a customer attempted to upload their eFile. Before Michigan switched to XML formatted eFiles, we were required to certify with Michigan and we passed. As of this morning, we are not aware of any published changes to the state's XML format. We will update you as we learn more.

We suggest that customers who receive this error request a filing deadline extension from the state.

[End]

14-Sep-2018 5.34.1 Update

This evening, from 9:00 pm to Midnight Central Time (USA) we will be applying Update 5.34.1. To understand how an Update is different than a normal release, click Releases in the menu at the top of this or any page in here in the Help Center.

Release Highlights are available to download now for most SaaS users from the production Avalara Excise Platform. Scroll down to the next news flash for details. If you can't see the Admin > Support Downloads menu, ask your Support Contact if you use custom Roles - your Role may need to be updated by your organization. Self-hosted customers still need to have their Support Contacts download the Release Highlights.

Self-hosted customers only

Please note that with the 5.34.1 software update, there are database scripts that will take longer than normal to process. It is possible that we While the time will differ for each customer, it would not be surprising for it to take 2 - 3 or even 4 hours. At a minimum, these scripts will run longer than usual. Please keep this in mind when scheduling upgrades.

Additionally, the database scripts use the DB Log file, which can grow quite large during this process. Avalara recommends free space on the database server of at least double the size of the client database (often named ZMSClient). For example, if ZMSClient is 50GB in size, the database server should have at least 100GB in free space. When the release is complete, the log file can be reduced in size as needed.

If 5.34.1 is not applied, please be aware that these notes will apply to the next release applied that is higher than 5.34.0. Avalara recommends that each release is applied as it becomes available to stay current with content and functionality enhancements.

[End]

12-Sep-2018 Downloads location changed

Effective with the 5.34.0 release, downloads are now available in the production Avalara Excise Platform under Admin > Support Downloads. What's new:

All users will be able to download the Release Highlights and the Schedule Transaction Importer (STI) Windows application.
Customers with STI customizations will be able to download them here.
Self-hosted customers will have access to the above, plus all supported releases.

Go to Support Downloads for more information.

[End]

5-Sep-2018 Version 5.34.0 Important changes for all users

Revised 7-Sep-2018 with new information in red and old information lined through (e.g. ~~old information~~).

What: Release maintenance window changed to 9pm to midnight CT Friday 7 Sep 2018 ~~Noon CT Saturday 8 Sep 2018 (15 hours)~~.

Why: Our engineering team has determined that ZMS-29037 (Increased 'Units' fields in Schedule Transactions and Schedule Transactions Supp tables for support of liters and kilograms reporting) was causing the long-running DB update and should be removed from the release. The maintenance window is being reduced back to our normal time.

We apologize for any inconvenience this delay has caused. We will re-schedule ZMS-29037 for an upcoming release.

Why: Some jurisdictions required fields to be much longer than before. Increasing the length of existing fields is an intensive process. This upgrade is estimated to take 12 – 13 hours to complete, far longer than our normal scheduled 3 hours. Based on our testing, our scripts are as efficient as possible. We tried numerous other methods, but all took longer than what we have now. We estimate a total of 12-13 hours to complete this upgrade, far longer than our standard 3 hour maintenance window.

Customer effect:

All users - keep activity to a minimum during the maintenance window: 9pm to midnight CT Friday 7 Sep 2018 until Noon CT Saturday 8 Sep 2018.
Timeouts, service not available and other unexpected results may occur during this time.
Self-hosted customers only: You should plan on the usual amount of time to complete the upgrade. up to 12 hours to complete the upgrade. This depends on how many schedule transaction records you have. For example, one of our client databases has about 100 million schedule transaction records and took about 7 hours to complete.

What: Security Question & Answer reset required.

Why: As part of our constant effort to keep your data safe and secure, we updated to even stronger cryptographic algorithms. This will help to ensure sensitive information remains protected.

Customer effect: all users, including API accounts

API users that are used exclusively for API calls, and not signing into the website via the UI, should not be affected during the upgrade. The next time you login to the Avalara Excise Platform at https://excise.avalara.net/ and https://exciseua.avalara.net/ interactively using a web browser, you will be required to update the security question & answer, the same as any other user.

After you see Version 5.34.0 at the bottom of the page, when you first login to Avalara Excise you will be prompted to reset your security question & answers.

Tip: The version is displayed at the bottom center of every page, even before you login.

Enter your current password and click the Unlock Profile button.
Click Add New Record and choose a security question from the dropdown list.
Enter your answer and click the check mark to save it.
- If the message just below the security tab requires more than 1 security question, repeat as needed.
- You can add more than the required number of security questions and the system will randomly display from them during Password Assistance.

What if I still see "your session has expired"?

You'll need to delete your web browser's cookies. With your browser open, press Ctrl+Shift+Delete all at the same time and select the option to delete cookies. Refer to your browser's help for more details.

Returns Excise customers only

What: Tax sessions for any return listed as revised in the 5.34.0 Avalara Returns Excise Release Highlights (under Forms).

Why: During the release, tax sessions that are:

revised in this release (see above)
for a tax period after the effective date of the revised returns
not marked as filed

will be updated to use the revised returns during the upgrade. This is what you want to happen, so that you get the updates applied to your tax session.

Customer effect:

If you have filed a tax sessions that match the first two bullets above, before or after the maintenance window, but not during, simply go to Tax Filing > Tax Sessions, click the session and unfile it.

After the maintenance window any tax session for the revised returns must be regenerated as usual.

[End]

14-Aug-2018 Michigan returns with XML eFile

For the following USA Michigan returns:

Taxpayer Type	Return Code	Return Code Description
BLD	3791	Blender Monthly Tax Return
CAR	3715	Carriers Monthly Report
EXP	4004	Exporter Quarterly Report
IMP	3992	Fuel Importer Return
SPL	3978	Fuel Supplier Return
TOR	3716	Terminal Operator Monthly Return
TRN	3724	Transporter Quarterly Report

eFile Creation

In eFiling > eFile Creation

Select Michigan XML Version 1 as the eFile Version.
On the Settings tab, enter 123456 in the Sender Code.

Bill of Lading 12 characters maximum

After removing 'illegal' characters, eFile creation is truncating the Bill of Lading field to the first 12 characters.

Updated to remove invalid characters messages

For many fields, Michigan is enforcing new rules regarding valid characters in the XML formatted eFile. When populating the eFile data, we include 'legal' and exclude 'illegal' characters based on Michigan's XML guide:

Legal characters: A-Z, a-z, 0-9, hash, slash, percent, hyphen, parentheses, ampersand, apostrophe and single space
Illegal characters: Leading space, trailing space, adjacent spaces, and symbols

As a result, you may see warning messages similar to this: "Carrier legal name was updated to remove invalid characters that would cause a file to be rejected." The phrase, Carrier legal name, is just one of several possibilities.

You don't need to do anything, just be aware that when communicating with the state, they may refer to fields with 'illegal' characters removed.

[End]

1-Aug-2018 and 1-Nov-2018 Internet Browser and API Call Support Changes Coming

Added 10-Jul-2018 at 11:21 Central (USA)

Internet browsers, such as Firefox, Chrome, Internet Explorer and Edge use Transport Layer Security (TLS) to connect to secure sites like the Avalara Excise Platform. To improve security, Transport Layer Security (TLS) 1.0 support for the Avalara Excise Platform will be phased out over the next four (4) months to ensure all browser connections are using the current industry standard security protocols. You may have seen a similar notice from other service providers such as the recent notice from the IRS for ExSTARS requiring minimum browsers versions effective 7/13/18.

If you make API (Application Program Interface) calls to Avalara Excise services, the removal of TLS 1.0 support is likely to impact you (IT Departments).

When will TLS 1.0 support end for Avalara Excise?

TLS 1.0 support will be removed in two phases:

1 August 2018 (Release 5.33.20): TLS 1.0 support will be removed from the Avalara Excise Test (UA) environment (https://exciseua.avalara.net). Any customer using TLS 1.0 will start to get a "Failed to receive authentication HTTP" message.

1 November 2018 (Release 5.34.20): TLS 1.0 support will be removed from the Avalara Excise Production (https://excise.avalara.net) environment.

What do I need to do?

Check your browser: If your version is less than the version shown below, send your IT department a link to this page and ask them how to get an upgrade.
- Google Chrome version 66
  (Click the menu in the top right corner and then Help > About)
- Mozilla Firefox version 60 or version 52 for large organizations
  (Click the menu in the top right corner and then Help > About)
- Microsoft Internet Explorer version 11
  (Click the gear in the top right corner and then About)
- Microsoft Edge version 42
  (Click the menu in the top right corner and then Settings and scroll down)
  
  Customers who cannot upgrade before the 1 August and 1 November 2018 deadlines can search the internet for "browser check tls version" for sites that can identify what TLS version your browser supports. Note that requiring vendor supported browsers is a long standing Avalara policy - see Browser Support and Troubleshooting.
API calls: If you are making API calls to the Avalara Excise Platform, we recommend two actions for our customers:
- Begin upgrading your servers to use TLS 1.2 (preferred) or TLS 1.1 when making API calls.
- Consider upgrading your API calls to the latest version available.
- To view our API call documentation:
  - Login with a Company Admin account
  - From the menu, click the Developer Content and choose one of the following menu items:
    - Developer Content ' REST Documentation and then look up "AvaTaxExcise Controller" or
    - Developer Content ' SOAP Documentation and then look up "ATE SOAP Web Service 5.27.0 Documentation"

[End]

6/20/2018 (Resolved 7/3/2018) in 5.33.10 Schedule Query Wizard Mass Change: setting the Value Type to Field

Note for Returns Excise Pro users, the Mass Change feature is only in Returns Excise and not in Returns Excise Pro.

In version 5.33.0, some customers reported difficulty using the Value Type "Field". If you also have that difficulty, please follow these steps:

Select any Field.
Change Value Type to Field (The selection may not appear to work - please continue.)
Go back to Field and select the field you want to change.

You can now choose a Value.