Layer7 API Management

 View Only

Layer7 Work in Progress Update - PI28

By Gregory Thompson posted Nov 22, 2021 09:57 AM


The team has now moved into PI28 Below you will find the list of items that are included in this PI. As always, we invite you to provide feedback by commenting on this post below. We would love feedback on both the current and future PI items in order to help us prioritize the items that will have the most benefit for our customers.

Recent Releases:
The following product versions were released during PI27:

PI28 Key Capabilities

The sections below provide a listing of the key capabilities being worked on across the Layer7 family of products. Note that some capabilities will span multiple PIs. 

API Gateway:
  • Common Criteria Updates (continued)
  • JDK 11.0.13 Upgrade
  • Siteminder (CA SSO) SDK Upgrade
  • Enable Debugging of Encapsulated Assertions (continued)
  • Release of API Gateway 10.1 CR (key planned capabilities are Common Criteria related changes / robust security on appliance, Critical bug fixes, Siteminder SDK upgrade)
  • Hazelcast 4.x Upgrade
  • API Gateway Container Certification for AKS
  • GraphQL Support
  • Redis Support

OAuth Toolkit:

  • Audience Restriction Updates
  • Release of OTK 4.5 (key planned capabilities are Audience Restriction Support, Mutual TLS, 3rd Party OIDC support for Authentication, Performance Enhancements for MySQL and Cassandra, and Hashed Secret Storage)
  • FAPI 1.0 Basic Profile Authorization Server Updates
  • Token Introspection API
  • FAPI 1.0 Advanced Profile - Authorization Request via JWT
  • FAPI 1.0 Advanced Profile - Authorization Response via ID Token
  • ID Token Enhancements to Streamline Adding Custom Claims

Mobile SDK:

  • Release of SDK 2.2 (key planned capabilities are Browser-based authentication when redirected to a native App (iOS and Android), iOS 15 support, and Android 12 support)
  • Exception Handling Improvements
  • Log Management Improvements
  • Android Key Storage Updates

API Portal:

  • Release of API Portal 5.1 (key planned capabilities are Rate Limits & Quotas for API Management, Helm Chart improvements, Security Improvements in User Management, and MySQL 8.0.26 support)
  • Cache Rate Limit & Quotas Configs
  • Application Request Workflow to include Application Deletion

Layer7 Manager:

  • Continued Design Workshops
  • Initial Prototyping

Note that some larger capabilities may span multiple PIs and, as always, plans are subject to change based on a number of different factors.

Candidates for PI29
While the capabilities to be included in the next PI are not yet set, please see below for a list of candidates being considered. Of course, not all of these will fit and we will select a subset of these based on your feedback. We'd love to know if there is a capability in the list you are eagerly awaiting and/or plan to use. We also would love to know if there is something missing from the list that is important to you. Please comment in the comments section below with your feedback.

API Gateway:

  • Headless Install Updates for Siteminder and Precision API Monitoring
  • Policy Plugin Updates
  • Websockets support for HTTP using same port
  • Common Criteria Certification
  • Javascript Assertion Update to replace deprecated Nashorn implementation
  • Remote cache assertion productization 
  • gRPC protocol support
OAuth Toolkit:
  • FAPI 1.0 Advanced Profile - Authorization response as JARM
  • Brazil Open Banking - RFC 7591 Software Statement Support
  • Token Revocation List (TRL) API
  • Dynamic CORS origin management
  • Support for any port in redirect URLs with “localhost”
  • Device authorization grant based on RFC8628
  • Client Initiated Backchannel Authentication (FAPI-CIBA Profile) Poll Mode
  • Token exchange grant based on RFC8693

Mobile SDK:

  • SSL Pinning Updates to allow for flexibility when pinning to certs
  • Update Android key storage, Account Management and encryption
  • Log Management Improvements

API Portal:

  • Rate Limits & Quotas for API per Organization
  • PAPI - api-management endpoints standardization for applications and API groups
  • PAPI - API for querying public APIs & documentation without Authentication
  • SAML SSO: support for onboarding multi-org users
  • MySQL HA: Support for Read Replica

Layer7 Manager:

  • RESTMAN Enhancements for Policy Migration
  • Certificate Management
  • Policy Dependency Management
  • Gateway Health