PI Planning for PI30 is now complete and development has kicked off. Below you will find the list of items that are included in this PI and a summary of the releases completed in the previous PI. As always, we invite you to provide feedback by commenting on this post below. We would love feedback on both the current and future PI items in order to help us prioritize the items that will have the most benefit for our customers.
Recent Releases:
The following product versions were released during PI29:
PI30 Key Capabilities
The sections below provide a listing of the key capabilities being worked on across the Layer7 family of products. Note that some capabilities will span multiple PIs.
API Gateway:
- Allow Private Keys & Certs to be selected Dynamically - continued from PI29
- Common Criteria Certification (CAVP) - continued from PI29
- Upgrade External Hazelcast Assertion to latest 5.x (Planned for 10.1 CR2)
- Release of Gateway 10.1 CR2 (Apache HTTP Client Upgrade, JDK 11 Update
- Debian Appliance for Gateway 11.0 - continued from PI 29 and will continue through PI 31
- GraphQL Assertion - Tech Preview Availability
- DFDL upgrade to 3.3.0
- Support for Ephemeral Gateway
- WebSocket Inbound support over the same HTTP port
- gRPC Prototyping
- Kafka Consumer Support - Tech Preview Availability
OAuth Toolkit:
- FAPI 1.0 Advanced Profile Completion
- RFC 7591 Software Statement Support
- Token exchange grant based on RFC8693
- Device authorization grant based on RFC8628
- Enforce Rate Limiting for OTK Endpoints
Mobile SDK:
- Log Management Improvements - continued from PI29
- Exception Handling Improvements - continued from PI29
- Remove use of Query Parameters for Token Revocation
- Remove use of Query Parameters for Social Login Access Tokens
- SSL Pinning Updates to allow for flexibility when pinning to certs
API Portal:
- Release of API Portal 5.1.1 (SaaS Only)
- Audit Logs maintenance
- Default Rate Limits & Quotas for API per Organization
- Quota Consumption Report by API per Org.
- PAPI improvements for API Plans and Application Request endpoints
- Support for fully customized email templates to support localization
- Public API Catalog & documentation without Authentication
- Managing Organization Visibility and RL&Q from API Details
- UI updates to use new and improved PAPI applications endpoint
- TLS1.3 Support for Portal UI and PAPI
- Support for MariaDB for external DB (best effort)
- Support Portal Deployment on GKE
Layer7 Infrastructure Manager (L7iM):
- Alerts for Expiring/Expired Certificates
- Prototype: Manage Certificates - per Gateway
- Graphman (formerly known as RESTMAN 2.0) updates for certificate management
Note that some larger capabilities may span multiple PIs and, as always, plans are subject to change based on a number of different factors.
Candidates for PI31
While the capabilities to be included in the next PI are not yet set, please see below for a list of candidates being considered. Of course, not all of these will fit and we will select a subset of these based on your feedback. We'd love to know if there is a capability in the list you are eagerly awaiting and/or plan to use. We also would love to know if there is something missing from the list that is important to you. Please comment in the comments section below with your feedback.
API Gateway:
- Debian appliance work completion with GW 11 release
- Websockets enhancements to allow multiple websockets services on a shared port
- Common Criteria Certification
- Additional authentication schemes for JDBC connections
- MariaDB support for SSG DB
- Support for API Gateway without DB
- gRPC protocol support
- SNI Support
- API gateway as an ingress controller for K8s
- XSLT 3 Support for the XSLT Assertion
- Gateway support for Redis for inter-gateway communication
OAuth Toolkit:
- FAPI 1.0 CIBA Profile Support - Poll Mode
- FAPI 1.0 PAR Support
- Cassandra 4.x Support
- Shared Signals Support
Mobile SDK:
API Portal:
- Rate Limits & Quotas for API per Application API Key
- SAML SSO: support for onboarding multi-org users
- MySQL HA: Support for Read Replica
- Integration with external Identity Providers
- MFA for admin account
- Debian OVA
- Support for access tiers for Rate Limits and Quotas
Layer7 Manager:
- Graphman Enhancements for Policy Migration (Published services and policy fragments)
- Full Certificate Management
- Policy Dependency Management
- Gateway Health