PI Planning for PI37 is now complete and development has kicked off. Below you will find the list of items that are included in this PI and a summary of the releases completed in the previous PI. As always, we invite you to provide feedback. We would love feedback on both the current and future PI items to help us prioritize the items that will have the most benefit for our customers.
Recent Releases
The following product versions were released during PI36:
• API Gateway 11.1 - Release Notes
• API Portal 5.2.3 - Release Notes
Release and EOS Calendar
The following image provides a timeline view of past and planned releases (future releases are prefixed with “+”). For planned releases, the timeline, release name/version, and release content are subject to change. End of Service (EOS) dates are shown in gray on the bottom half of the image.
Planned Releases for PI37
The following product versions are planned to be released during PI 37. The marquee features for each release are included. For planned releases, the timeline, release name/version, and release content are subject to change.
PI37 Key Capabilities
The sections below provide a listing of the key capabilities being worked on across the Layer7 family of products. Note that some capabilities will span multiple PIs.
API Gateway:
-
[Preview] Active-active enterprise Redis support
-
[Preview] Dynamic private key management via Graphman using PEM
-
[Preview] Graphman enhancements
-
Cluster-wide property search and sort
-
Tanzu support
-
Reasonable commercial effort support for downstream RHEL derivatives for software gateway
-
Reasonable commercial effort support AWS ElastiCache for Redis
-
[Container gateway optimizations] Mounting gateway sensitive data
-
[Container gateway optimizations] Support for setting Liquibase log level
-
[Container gateway optimizations] Adopt SBO's IronBank RHEL UBI 9 base image
-
Support for Policy Manager silent installs on Windows
-
Support for Policy Manager on Windows 11
-
FIPS 140-3 support
-
[CCE] Common Criteria evaluation for GW11.1+ and Debian 12+
-
[CCE] Upgrade CCJ or replace with BC with longer lasting FIPS certification
-
[CCE] Digital signature of L7P files and verification using PMS
-
[CCE] Integrity verification of virtual appliance on startup
-
Switch to Bouncy Castle provider to address duplicate Subject DNs issues
-
Replace EPAgent with Infrastructure Agent for PAPIM
-
Gateway versioning and upgrade changes
-
Update gateway to use SSO SDK 12.8.08 CR1
-
Graphman-client diff enhancements
-
Add Graphman-client to NPM registry
-
[Experimental] Distributed Circuit Breaker Assertion
-
[Experimental][Container gateway optimizations] Arm64 or no arch container gateway
OAuth Toolkit:
-
OpenID Hybrid Conformance Updates Continued
-
OTK - Scope processing optimization for improved performance - Part 2
-
Provide ability for OTK Helm charts to not require Liquibase schema downloads from the internet
-
OTK 4.6.3 Release Activities
-
Provide ability to disable session cache
API Portal:
-
Define Application in Portal along with Client Cert to support mTLS - continued
-
Enhance API Key Deployments to support a shared API Key Repository Part 2
-
Cleanup API_VIEW to address API and Key Sync Issues
-
PSSG Removal (except TPS)
-
Make portal deployer port configurable
-
Template ability to define fields with drop down value selection
-
automation of sanity testing and other hardening tests (PI-37)
-
UI Standardization on React-17 (PI-37)
-
Portal 5.3 Release Activities
-
PSSG Removal - TPS
-
Template Management -APIs Tab in Category and others
-
API Products - General Availability (Part 1)
-
Client applications managed by external OAuth providers Part 1
-
API Hub: Provide ability to hide footer
-
Role UUID removal of unused UUIDs
-
Automatic Removal of Inactive Users
Note that some larger capabilities may span multiple PIs and, as always, plans are subject to change based on a number of different factors.
Candidates for PI38 and Beyond
While the capabilities to be included in the next PI are not yet set, please see below for a list of candidates being considered. Of course, not all of these will fit and we will select a subset of these based on your feedback. We'd love to know if there is a capability in the list you are eagerly awaiting and/or plan to use. We also would love to know if there is something missing from the list that is important to you. Please comment in the comments section below with your feedback.
API Gateway:
-
Next generation management interface
-
HTTP and HTTP/2 over shared port
-
gRPC
-
SNI
-
[Experimental] Gateway as k8s ingress controller
-
Container gateway optimizations (smaller, faster, more secure, more cloud native)
-
HTTP Client Upgrade
-
Common Criteria evaluation for GW11.1+ and Debian 12+
-
Post Quantum Crypto (PQC) Support
-
HTTP/2 streaming
-
ICAPS Support in Gateway
OAuth Toolkit:
-
Layer7 Operator Support
-
FAPI 2.0 Support
-
Token Validation Improvements to Leverage Token Revocation Capabilities
-
OAuth 2.0 Rich Authorization Requests (RAR)
-
Revise the trade-off between OTK runtime and management capabilities
-
Revise Token Count Capability
Mobile SDK:
API Portal:
-
PSSG Removal
-
API Products General Availability
-
Productization - Decouple OTK from Portal
-
Layer7 Operator Support
-
API Notification Management
-
Portal Standardization on React 17 (completion of ongoing work)
-
Workflow for API Publishing
-
Custom Roles
-
API Catalog for non-managed APIs