API7 Enterprise Release Notes
Version 3.2.12.0
Release Date: 2024-05-24
Admin API Breaking Changes
- The "service status" field has been changed from "0: enabled, 1: disabled" to "0: disabled, 1: enabled".
- Publish a service
- Update service runtime configurations by ID
- Get all published services in Gateway Group
- The "ID" field has been removed from the consumer API. Queries and deletions are now performed using "gateway group ID" and "username".
- SSL-related APIs now require the "gateway group ID" parameter.
New Features
Stream Route
API7 Gateway extends beyond API management. It can also handle Layer 4 (L4) traffic, like database or Kafka connections. Add a stream service and several stream routes to Proxy Transport Layer (L4) Traffic.
Custom Role (UI Support)
Design your own custom roles with granular permission control. See Add Custom Role.
Ingress Controller (Beta, API Support Only)
Integrate with Ingress Controller.
Improvement
Optimize Left Navigation Menu
- Users will now see the gateway group menu as the primary landing page.
- Change Service menu item to Service Hub.
Bug Fix
- Avoid duplicate API Key when using key-auth plugin.
- Enable allowlist and denylist at the same time in ua-restriction plugin.
- Reset password without expiring the access token.
- Labels can be up to 64 characters long and include spaces.
- Validate configuration of loggly plugin successfully.
- Force configuration synchronization to the data plane, even with schema validation errors. This prevents data loss and ensures uninterrupted workflow.
- The meaning of API7 Gateway service status consistent with the corresponding field in Apache APISIX.
Version 3.2.11.3
Release Date: 2024-05-20
Bug Fix
- etcd watch can pass SNI correctly.
- API7 Enterprise will attempt to create a database automatically. If permission issues arise, it will launch using a pre-configured database provided by the user, preventing installation failure.
Version 3.2.11.2
Release Date: 2024-05-20
Bug Fix
- Labels can be up to 64 characters long and include spaces.
- Force configuration synchronization to the data plane, even with schema validation errors. This prevents data loss and ensures uninterrupted workflow.
Version 3.2.11.1
Release Date: 2024-05-08
New Features
SSO Role Mapping
This automated role mapping eliminates the need for manual role assignment by Super Admins. Users who satisfy the defined key-value mapping rules will be automatically assigned the corresponding roles upon login. For details, see Set Role Mapping.
SCIM Provisioning
Streamline your identity management with SCIM Provisioning. It automatically synchronizes user data from your Identity Provider, ensuring consistent and effortless user management. For details, see Sync User Data from IdP.
Custom Role (Beta, API Support Only)
Design your own custom roles with granular permission control. UI supports coming soon.
Improvement
Upgrade to OpenSSL 3
Improved Security, Performance, and Availability.
Plugin Global Rules Ordering
To streamline the management of global rules, API7 Enterprise merges multiple rules into a single rule, ensuring that plugin configurations are unique within each rule.
Bug Fix
Settings Modal Add HTTP Protocol Detection
Not properly detecting whether HTTP or HTTPS is required, leading to errors when deployed gateway instance using the given script.
Error Uploading SSL Certificate
An issue exists where uploading an SSL certificate intended for gateway group A may inadvertently assign it to gateway group B.
Support Host Level Dynamic Setting of TLS Protocol Version
Incorporated the fix from the resolved Apache APISIX issue.
Version 3.2.10.1
Release Date: 2024-04-28
New Features
Support MySQL 5.7
API7 Enterprise now supports MySQL 5.7.
Version 3.2.10.0
Release Date: 2024-04-22
Breaking Changes
Bind Token with User
Tokens are bound to specific users and share the same permissions. When the user is deleted, the associated token will also be deleted.
Version 3.2.9.5
Release Date: 2024-04-16
New Features
Upstream mTLS(API Support Only)
API7 Enterprise now supports mutual TLS (mTLS) authentication between the gateway and upstream services. mTLS is a form of communication security that requires both parties to present certificates to each other. This ensures that both parties are who they claim to be and that the data transmitted between them is encrypted. UI support coming soon.
Version 3.2.9.4
Release Date: 2024-04-07
Bug Fix
Assessment of CPU Core Limitations
Resolved the issue that occurs when the maximum number of CPU cores is reached.
Version 3.2.9.3
Release Date: 2024-04-03
New Features
Integrate with Vault (Beta)
You can store sensitive data securely in your Vault. Admin API support is available; UI support coming soon.
Version 3.2.9.2
Release Date: 2024-04-01
New Features
Support SAML SSO Login
API7 Enterprise supports Single Sign-On (SSO) with SAML implementations. For details about how to configure SAML SSO login method, see configure SSO with SAML.
New Plugin: Data Mask
The data-mask plugin provides the capability to remove or replace sensitive information in request headers, request bodies, and URL queries. Learn more about Data Mask.
Feature Enhancements
Skip Path Prefix
You can opt to skip the path prefix when sending requests to the upstream. This adjustment is imperceptible to users and may be useful when using different path prefixes to identify APIs sent to different gateway groups.
Better Health Check Configuration UI
Introduced a user-friendly and intuitive UI for your health check configuration in upstreams.
Upgraded Encryption Algorithm
Upgraded from AES128 to AES256 algorithm.
Performance Improvement
Eliminated the impact caused by disabling plugins.
Version 3.2.9.1
Release Date: 2024-03-19
New Features
Support Add Custom Plugin
API7 Enterprise now allows you to build custom plugins to add extra functionalities and manage API traffic with custom flow. See how to Add Custom Plugin
Support OIDC SSO Login
API7 Enterprise supports Single Sign-On (SSO) with OIDC implementations. For details about how to configure LDAP SSO login method, see configure SSO with LDAP.
Use Service Labels as API Provider Scope
By assigning service labels as the scope for an API Provider, you can grant them access to all services with a specific label. It will help reduce the workload of the Super Admin. Typically, services can be grouped using a 'Department' label. Thus, users from that department will be able to access all services belonging to that department.
Version 3.2.8.1
Release Date: 2024-02-08
New Features
Support Nacos Service Discovery
API7 Enterprise uses service discovery to automatically detect available upstream services, keeping their addresses in a database (called a service registry). Therefore, an API gateway can always fetch the latest list of upstream addresses through the service registry, ensuring all requests are forwarded to healthy upstream nodes.
In this release, API7 Enterprise supports integrating with Nacos service discovery, which can be used to publish services and synchronize services between gateway groups.
Support LDAP SSO Login
API7 Enterprise supports Single Sign-On (SSO) with LDAP implementations. Integrating API7 Enterprise with LDAP enables you to log your LDAP users into API7 Enterprise as part of API7 Enterprise' SSO infrastructure. For details about how to configure LDAP SSO login method, see configure SSO with LDAP.
Support Adding Gateway Instances using Kubernetes
A gateway instance is a single proxy that handles traffic. In this release, API7 Enterprise supports adding gateway instances to a gateway group using Kubernetes. For details, see add gateway instances.