About This Release

WSO2 API Microgateway 3.2.0 is the successor of WSO2 API Microgateway version 3.1.0. For more information on WSO2 API Microgateway, see the overview and visit our webiste.

What's New

  • Circuit Breaker, Retry, and Timeout Capabilities
    To handle situations where the backend is not reachable due to issues like heavy load, slow response time etc, the WSO2 API Microgateway can be configured with advanced endpoint configurations including circuit breakers, retries and endpoint timeouts. For more information, visit Endpoint Retry and Timeouts and Circuit Breaker.

  • Custom Claims Mapping for JWTs
    WSO2 API Microgateway 3.2.0 facilitates claim mapping for JWTs, particularly useful when the claims of the incoming JWT cannot be directly validated by the backend. Also, it brings in the flexibility to generate JWTs with preferred custom claims. More information can be found from Custom Claims Mapping.

  • Custom Siddhi Policies and Deny Policies with WSO2 API Manager
    The WSO2 API Manager allows users to define and deploy custom Siddhi-based policies and do the rate-limiting based on those queries. The API Manager has ability to block the requests when Deny Policies are enabled. The WSO2 API Microgateway also has ability to enforce these policies when it is integrated with WS02 API Manager.

  • JWKS Support for JWT Verification
    The WSO2 API Microgateway can be configured such that JWT Token validation happens via connecting to JSON Web Key Set endpoint.  For more information, visit Secure APIs using JWT - Self Contained JWT

What's Improved

  • Backend JWT Generation
    The WSO2 API Microgateway has ability to generate the backend JWT Token. In addition, the JWT generation logic can be customized based on user preference as well. For more information, visit Generating a JWT in Microgateway.

  • Publish Events to Multiple Traffic Managers
    The WSO2 API Microgateway can publish events to multiple Traffic Managers to preserve high availability.  For more information, see Distributed Throttling.

  • Improved Subscription Validation
    The WSO2 API Microgateway supports real time subscription blocking feature, when it is integrated with WSO2 API Manager. And the subscriptions, subscription tiers can be changed in the real time as well.

  • Multiple Extension Filters
    The WSO2 API Microgateway has ability to engage multiple Extension Filters and define their positioning in the Filter chain. For more information, visit Add Custom Filters.

  • Improved Rate Limiting with WSO2 API MANAGER
    In WSO2 API Manager, the users can define throttle policies which perform rate limiting based on various conditions including headers, JWT claims, query params and IP address. The same policies can be enforced within WSO2 API Microgateway when it is integrated with WSO2 API Manager.

  • Integrate with multiple Third Party Key Managers
    WSO2 API Microgateway 3.2.0, is able to integrate with other key manager including the WSO2 API Manager Key Manager.

  • JWT Revocation with WSO2 API Manager
    WSO2 API Microgateway has ability to persist revoked access tokens inside WSO2 API Manager (Traffic Manager). For more information, visit Rejecting Revoked tokens.

  • Support reading open API definition in interceptors Enables developers to access the OpenApi definitions of the current runtime and implement custom behaviors.

  • Support reading configurations from java interceptors Provides access to microgateway runtime configurations from java interceptors.

  • Mutual SSL support per API
    Provides the ability to specify which certificates should be trusted by each API. Prior to this improvement, any of the microgateway's trusted certificates could be used to invoke a mutual SSL protected API. For more information, visit Mutual SSL Authentication.

  • More in 3.2.0 Improvements

Fixed issues

WSO2 API Microgateway 3.2.0 - Fixed Issues

Known issues

WSO2 API Microgateway 3.2.0 - Known Issues