New in the 10.5.0 LTS stream
The IBM® DataPower® Gateway 10.5.0 LTS stream offers the following new features and enhancements.
For a list of resolved APARs, see Fix packs for DataPower Gateway 10.5.0.x.
- New in 10.5.0.10The following features are new to customers who upgrade to 10.5.0.8.
- Added support for an API definition to control whether to resolve and populate the form data parameter.
- Added support for an API definition to control whether SOAP 1.1 faults always return HTTP 500.
- Added GatewayScript API to retrieve an API gateway context.
- Added
eb:MessageProperties
support to the ebMS3 settings of external B2B partner profiles.
- New in 10.5.0.8The following features are new to customers who upgrade to 10.5.0.8.
- Added ability to secure connections to IBM Db2® data sources.
- Added settings to the destination property of B2B partner profile.
- Added support for IBM Security Verify Access 10.0.5 to the Access Manager client.
- New in 10.5.0.7The following features are new to customers who upgrade to 10.5.0.7.
- Added setting to control the value of SNI header to establish a secure connection to the IBM MQ v9+ server.
- Added more cipher suite to support secure operations with the IBM MQ v9+ queue manager.
- New in 10.5.0.6The following features are new to customers who upgrade to 10.5.0.6.
- Changed the new UI to full support.
- Added the probe utility to the new UI.
- Added ability to flush the buffer for analytics endpoints.
- Added setting to the parameter property of API operation and API path.
- Added GatewayScripts APIs to check whether the
Content-Type
in a message a JSON or XML media type.
- New in 10.5.0.5The following features are new to customers who upgrade to 10.5.0.5. No new features were added in 10.5.0.4.
- Added ability to specify a proxy server to connect to API Manager.
- Enhanced analytics endpoint to support connection timers and retrieve a JWT from a management platform endpoint.
- Added actions to validate and update the count of remaining allowed requests for a rate or count limit definition.
- Added ability to enforce all headers in API contexts as case-insensitive.
- Added ability to manage SSH revoked keys for SSH authentication.
- Added ability to secure JDBC connections to Oracle data sources.
- Added the save running-config command to save the running domain configuration to a file.
- Added ability to use the
$type()
function in JSONata expressions. - Added ability to specify strict UTF-8 encoding for JSON documents.
- Added XSLT extensions to manage caches for the API gateway.
- Upgraded support for IBM Sterling Transformation Extender.
- New in 10.5.0.3The following features are new to customers who upgrade to 10.5.0.3.
- Added ability to define a gateway-peering group and assign it to a gateway-peering instance.
- Added ability to retrieve JWKS data from API Manager to validate JWT tokens.
- Enhanced rate limits.
- Added ability to secure ODBC connections to Microsoft SQL Server or Oracle data sources.
- Added ability to specify ECDSA algorithms to sign outbound messages.
- Added ability to specify the asymmetric key transport algorithm to encrypt outbound ebMS messages.
- Added the custom scalar type
JSON
for GraphQL APIs. - Enhanced failure notification to always generate an error report at startup.
- Added APIs to manipulate attachments in a message object.
- New in 10.5.0.2.The following features are new to customers who upgrade to 10.5.0.2.
- Added firmware images to support 8436 appliances for only migration purposes.
- Added firmware images to support DataPower Gateway for Linux®.
- Added ability to specify a range of HTTP status codes for API operation response schemas.
- Added option to recount the bytes of the response payload in captured transaction data.
- Added the custom scalar type
Date
for GraphQL APIs. - Added support for the HTTP
TRACE
method for API operations and assembly actions.
- New in 10.5.0.1.The following features are new to customers who upgrade to 10.5.0.1.
- Added firmware images to support 8441 appliances. Before you can upgrade the 8441 appliance to 10.5.0.1, you must first upgrade to 10.0.1.9.
- Added firmware images to support DataPower Gateway for VMware.
- Change in feature to process IBM Sterling Transformation Extender maps with a binary transform action.
- Added the crypto.ramdomUUID method to the GatewayScript crypto module.
- Added ability to return information about rate limits in burst limit response headers.
- Added the custom scalar type
DateTime
for GraphQL APIs. - Added ability to specify a parse settings configuration in a map assembly action.
- Added ability to specify an action to apply to limits in a rate limit definition group.
- New in 10.5.0.0.The following features are new to customers who upgrade from either the 10.0.1 LTS stream or the 10.0 CD stream.
- Ability to add 8496 appliances to your environment. You cannot install a firmware version earlier than 10.5.0.1 on these appliances.
- Added firmware images to support DataPower Gateway for Docker.
- Added another DataPower graphical interface. The new interface is based on Carbon design and is provided as a technology preview.
- Added support for Safari, Chrome, and Edge browsers.
- Added extract assembly action to transform content from the API context.
- Added enforcement mode for rate limit definition groups.
- Added ability to use a rate limit definition group as a source for the rate limit assembly action.
- Added ability to limit the number of concurrent SSH CLI connections.
- Added ability to specify a short name to include in rate limit response headers.
The following features are new to customers who upgrade from only the 10.0.1 LTS stream. These features were part of the 10.0 CD stream.- Added ability to protect APIs with HTTP bearer authentication.
- Added ability to define whether multiple calls from the same stylesheet return the same result when you define an API gateway.
- Added ability to define the load balancer group to provide redundancy among remote resources when you define an API gateway.
- Added ability to define the schedule to run specific processing rules when you define an API gateway.
- Added status providers to view stylesheet compilation statistics for API gateway services.
- Added status providers to view details about analytics endpoints.
- Added GraphQL execute assembly action to process a GraphQL schema.
- Added rate limit definition groups.
- Added ability to specify whether to enable rate limit response headers in a rate limit definition.
- Added ability to customize the value of the
Access-Control-Expose-Headers
response header. - Added JSONata extension functions to support GraphQL APIs.
- Added the custom scalar type
Long
for GraphQL APIs. - Added the
@scalarParam
directive to customize GraphQL custom scalar types. - Added assembly property to specify the final API rule to apply to API calls.
- Added API gateway properties to specify timeout times for client connections.
- Added the
file
parameter type for API operations. - Added ability to set the key type for key authentication with SSH for known hosts.
- Added GatewayScript
amqp
module. - Added dp:check-stylesheet-cache-entry() extension function.
- Added the
listVariables()
API to the GatewayScriptcontext
object.
For more information about the new features, see the linked information.
10.5.0.10
The following information is a summary of the new features that are added since 10.5.0.8.
- Added support for an API definition to control whether to resolve and populate the form data parameter.
- When you configure an API definition, you can control whether to resolve and populate the form
data parameter when the
Content-Type
header isapplication/x-www-form-urlencoded
ormultipart/form-data
. For more information, see Creating API definitions. - Added support for an API definition to control whether SOAP 1.1 faults always return HTTP 500.
- When you configure an API definition, you can control whether SOAP 1.1 faults always return HTTP 500. For more information, see Creating API definitions.
- Added GatewayScript API to retrieve an API gateway context.
- When you create the GatewayScript file for an assembly GatewayScript action, you can use the apigw.context API to retrieve the API Gateway context. This API is used by CommonJS modules that require access to the API gateway context. For more information, see apigw module
- Added
eb:MessageProperties
support to the ebMS3 settings of external B2B partner profiles. - When you define an external B2B partner profile, you can define message properties to add to the
eb:MessageProperties
node. For more information, see Defining ebMS3 settings for external partners.
10.5.0.8
The following information is a summary of the new features that are added since 10.5.0.7.
- Added ability to secure connections to IBM Db2 data sources.
- When you configure a Db2 data source, you can define how to secure connections to the remote server. For more information, see Creating a Db2 data source.
- Added settings to the destination property of B2B partner profile.
- For AS4 compliance, added the following settings when you configure a destination that uses the
ebms3:// or ebms3s:// scheme.
- For ebMS3 connections, specify the reference to the agreement that governs this message
exchange. This value maps to
eb:AgreementRef
in the message header. - For ebMS3 connections, specify the PMode identifier for the convenience of PMode management.
When specified, the
AgreementRef/@pmode
attribute value is expected in associated messages. - For advanced ebMS3 when compression is not enabled, specify whether to send messages in the SOAP
Body
.
- For ebMS3 connections, specify the reference to the agreement that governs this message
exchange. This value maps to
- Added support for IBM Security Verify Access version 10.0.5 to the Access Manager client.
- When you configure the Access Manager client, you can specify Security Verify Access version 10.0.5 as the client version. For more information, see Specifying client version.
10.5.0.7
The following information is a summary of the new features that are added since 10.5.0.6.
- Added setting to control the value of SNI header to establish a secure connection to the IBM MQ v9+ server.
- When you configure a local IBM MQ queue manager, you can control whether the value of the SNI header uses the channel name or hostname. For more information, see Configuring an IBM MQ queue manager.
- Added more cipher suite to support secure operations with the IBM MQ v9+ queue manager.
- When you configure a local IBM MQ queue manager, you can now use the following cipher suites.
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384
ECDHE_ECDSA_AES_256_CBC_SHA384
ECDHE_ECDSA_AES_128_GCM_SHA256
ECDHE_ECDSA_AES_256_GCM_SHA384
ECDHE_RSA_AES_256_CBC_SHA384
ECDHE_RSA_AES_128_GCM_SHA256
ECDHE_RSA_AES_256_GCM_SHA384
TLS_AES_128_GCM_SHA256
(TLSv1.3)TLS_AES_256_GCM_SHA384
(TLSv1.3)TLS_CHACHA20_POLY1305_SHA256
(TLSv1.3)TLS_AES_128_CCM_SHA256
(TLSv1.3)TLS_AES_128_CCM_8_SHA256
(TLSv1.3)
10.5.0.6
The following information is a summary of the new features that are added since 10.5.0.5.
- Changed the new UI to full support.
- Previously, the new UI was a technology preview. The new UI is functionally equivalent to the WebGUI. The WebGUI is announced for deprecation.
- Added the probe utility to the new UI.
- The probe in the new UI is a different implement than the probe in the WebGUI. As different implementation, each has a different setup to enable the capture of transaction data for diagnostics. As different implementations, they are incompatible. For more information, see The probe.
- Added ability to flush the buffer for analytics endpoints.
- When you view the status provider for analytics endpoints, you can flush the buffer for specific analytics endpoints. The buffer contains the collected API event data to send to the analytics server. For more information, see Viewing details about analytics endpoints.
- Added settings to the parameter property of API operation and API path.
- When you define a parameter for an API operation or API path, you can now define the following settings.
- The uppermost limit of the parameter. This setting applies to
integer
,number
, andstring
parameter types.- An
integer
ornumber
instance is valid when its value is less than or equal to this value. - A
string
instance is valid when its length is less than or equal to this value.
- An
- The lowermost limit of the parameter. This setting applies to
integer
,number
, andstring
parameter types.- An
integer
ornumber
instance is valid when its value is greater than or equal to this value. - A
string
instance is valid when its length is greater than or equal to this value.
- An
- The pattern as a valid regular expression of the parameter. A
string
instance is valid when the pattern matches the instance. - The allowed values of the parameter. A
string
instance is valid when its value matches at least one element in the array. To specify an array of elements, separate each element with the + character.
- The uppermost limit of the parameter. This setting applies to
- Added GatewayScripts APIs to check whether
Content-Type
in a message a JSON or XML media type. - When you use a GatewayScript file to manage context for an API gateway, you can use the
following APIs to check the media type of the
Content-Type
header in a message.- context.isJSON()
- context.isXML()
10.5.0.5
The following information is a summary of the new features that are added since 10.5.0.3. No new
features were added in 10.5.0.4.
- Added ability to specify a proxy server to connect to API Manager.
- When you configure the API Connect gateway service, you can specify a proxy server to connect to API Manager. For more information, see Configuring the API Connect gateway service.
- Enhanced analytics endpoint to support idle timers and retrieve a JWT from a management platform endpoint.
- When you configure an analytics endpoint, you can define the following behaviors.
- When you configure an analytics endpoint that uses the
http
protocol, you can define the intra-transaction timeout, support the negotiation of persistent connections, and, when negotiation supported, define the inter-transaction timeout. For more information, see Configuring an analytics endpoint to use HTTP to offload API event data. - When you configure an analytics endpoint that uses the
https
protocol, you can define the intra-transaction timeout, support the negotiation of persistent connections, and, when negotiation supported, define the inter-transaction timeout. For more information, see Configuring an analytics endpoint to use HTTPS to offload API event data. - When you configure an analytics endpoint that uses the
dpkafka
protocol, you can define the intra-transaction timeout. For more information, see Configuring an analytics endpoint to connect to a Kafka cluster. - When you configure an analytics endpoint that uses the
http
orhttps
protocol, you can define settings to retrieve a JWT from a management platform endpoint. For more information, see Defining JWT settings for an analytics endpoint.
- When you configure an analytics endpoint that uses the
- Added actions to validate and update the count of remaining allowed requests for a rate or count limit definition.
- When you add a domain-named rate or count limit definition to an assembly, you can specify actions to validate and update the count of remaining allowed requests. For more information, see Adding a rate limit assembly action.
- Added ability to enforce all headers in API contexts as case-insensitive.
- When you configure an API definition, you can control whether to enforce all headers or only
headers in the
message.headers
andrequest.headers
contexts in case-insensitive. For more information, see Configuring compatibility with v5-compatible APIs. - Added ability to manage SSH revoked keys for SSH authentication.
- After you configure RBM settings for SSH authentication of CLI sessions, you might need to manage the list of SSH revoked keys. By managing this list, you can avoid replacing the CA-signed user certificate that requires the distribution of public keys to all client, you can revoke specific OpenSSH keys. For more information, see Managing the SSH revoked keys list for authenticating CLI sessions.
- Added ability to secure JDBC connections to Oracle data sources.
- When you configure an Oracle data source, you can define how to secure JDBC connections to the remote server. For more information, see Creating an Oracle data source.
- Added the save running-config command to save the running domain configuration to a file.
- You can use the new global save running-config command to save the running domain configuration to a file in the temporary: directory. This command is useful because the running configuration might contain configuration data that is marked as external. These files are for only debugging purposes. For more information, see save running-config.
- Added ability to use the
$type()
function in JSONata expressions. - When you use JSONata notation in assembly actions, you can use the
$type()
function to return strings that represent data types that are contained in the API context. For more information, see JSONata and assembly actions. - Added ability to specify strict UTF-8 encoding for JSON documents.
- When you configure parse settings, you can specify whether to enforce strict UTF-8 encoding throughout the entire JSON document. For more information, see Creating parse settings.
- Added XSLT extensions to manage caches for the API gateway.
- You can use the following XSLT extension function in custom stylesheet to manage the document
and stylesheet caches for an API gateway.
- apigw:check-apigw-stylesheet-cache-entry()
- apigw:export-apigw-document-cache()
- apigw:clear-apigw-ss-cache()
- apigw:flush-apigw-documents()
- apigw:flush-apigw-expired-documents()
- apigw:import-apigw-document-cache()
- apigw:invalidate-apigw-cached-documents()
- Upgraded support for IBM Sterling Transformation Extender.
- The IBM
DataPower Gateway supports Transformation Extender
version 10.1.2 and the following version of extender packs.
- Financial Payments 10.2.1
- Financial Payments PLUS 10.2.1
- Healthcare 10.2.1
- Supply Chain EDI 10.2.1
10.5.0.3
The following information is a summary of the new features that are added since 10.5.0.2.
- Added ability to define a gateway-peering group and assign it to a gateway-peering instance.
- When you configure a gateway-peering instance, you can define and associate a gateway-peering
group. This group defines the peers in a peer group or the nodes in a cluster. Beyond members, you
can define the crypto artifacts to use TLS to secure connections among member to synchronize data.
- To define a gateway-peering instance for a peer group, see Creating a peering instance in peer mode.
- To define a gateway-peering instance for a cluster, see Creating a peering instance in cluster mode.
- Added ability to retrieve JWKS data from API Manager to validate JWT tokens.
- When you configure the API Connect gateway service, you can specify the URL to retrieve JWKS data to validate the JWT token from API Manager. When you specify a URL, you can specify whether transactions fail when JWT validation fails. For more information, see Configuring the API Connect gateway service.
- Enhanced rate limits.
-
- When you configure a rate limit definition, you can specify whether to configure a rate limit, burst limit, or count limit scheme. For more information, see Configuring a rate limit definition.
- When you configure an API plan, you can specify whether to use rate limit definitions instead of defining limits in the plan. For more information, see Creating an API plan.
- Added ability to secure ODBC connections to Microsoft SQL Server or Oracle data sources.
- When you configure a Microsoft SQL Server or an Oracle data source, you can define how to secure
ODBC connections to the remote server.
- For Microsoft SQL Server, see Creating a Microsoft SQL Server data source.
- For Oracle, see Creating an Oracle data source.
- Added ability to specify ECDSA algorithms to sign outbound messages.
- When you define the algorithm to sign outbound messages, you can specify ECDSA signatures. This
change applies for the following configurations.
- With the SAML signature algorithm on a sign action
- With the outbound ebMS signature algorithm on a B2B partner
- With the outbound ebMS3 signature algorithm on a B2B partner
- Added ability to specify the asymmetric key transport algorithm to encrypt outbound ebMS messages.
- When you configure the destination for a B2B partner profile, you can specify the asymmetric key
transport algorithm that encrypts outbound ebMS3 messages. During configuration, you can specify one
of the following algorithms.
http://www.w3.org/2001/04/xmlenc#rsa-1_5
- RSA Version 1.5 key transport identifier.
http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p
- RSA-OAEP key transport identifier, including MGF1 with SHA1 mask generation function.
http://www.w3.org/2009/xmlenc11#rsa-oaep
- RSA-OAEP key transport identifier and the algorithm for the mask generation function.
- Added the custom scalar type
JSON
for GraphQL APIs. - You can use the custom scalar type
JSON
to specify accepted JSON payloads. For more information, see Extensions to GraphQL. - Enhanced failure notification to always generate an error report at startup.
- When you deploy a DataPower Gateway, the default configuration is to always generate an error report at startup without the internal state data. This enhancement does not apply to any upgrade. Therefore, review your configuration to ensure appropriate setup. For more information, see Configuring failure notification.
- Added APIs to manipulate attachments in a message object.
- The message object provides APIs and properties to manipulate message attachments. For more information, see Manipulating attachments in a message object.
10.5.0.2
The following information is a summary of the new features that are added since 10.5.0.1.
- Added firmware images to support 8436 appliances for only migration purposes.
- The 10.5.0.2 firmware image for 8436 appliances is supported only for migrating to a newer appliance type. To migrate between appliance types, use the secure backup and restore procedures. After you install the 10.5.0.2 image and log in, the Firmware version IDG.10.5.0.2 is supported only for migration message is displayed. For more information, see Knowledge collection - appliance upgrade.
- Added firmware images to support DataPower Gateway for Linux.
- The DataPower firmware images are supported on only Red Hat® Enterprise Linux 8. You cannot upgrade the operating system to version 8 from an earlier
version. You must do a side-by-side migration.
- You can use the export and import utilities, but the export operation does not include users, keys, or certificates.
- If you previously mounted the config: and local: directories, you can create an archive file and move the files. Depending on how your domain and users are configured, the configuration of local users might be in this data.
- You cannot use the secure restore and secure backup utilities. You cannot use the backup package from 10.0.1.x to restore on 10.5.0.x.
- Added ability to specify a range of HTTP status codes for API operation response schemas.
- When you define response schemas in an API operation configuration, you can use an expression to specify a range of HTTP status codes that represents a response class. For more information, see Configuring an API operation.
- Added option to recount the bytes of the response payload in captured transaction data.
- When you configure a log assembly action, you can specify whether to recount the bytes of the
response payload if this value is different from the value of the
Content-Length
header. For more information, see Adding a log assembly action to capture transaction data. - Added the custom scalar type
Date
for GraphQL APIs. - You can use the custom scalar type
Date
to define custom scalars that specify dates. For more information, see Extensions to GraphQL. - Added support for the HTTP
TRACE
method for API operations and assembly actions. - When you configure an API operation, an invoke assembly action, or an operation switch assembly
action, you can specify
TRACE
as an HTTP method.
10.5.0.1
The following information is a summary of the new features that are added since 10.5.0.0.
- Change in feature to process IBM Sterling Transformation Extender maps with a binary transform action.
- The support to process IBM Sterling Transformation Extender maps with a binary transform action is no longer included as a feature in Integration Module or B2B Module. If your existing configuration contains a processing rule that includes a binary transform action to process Transformation Extender maps, contact IBM Support. The support representative can grant you access to download and activate the new Transformation Extender Module. To validate whether you need this new module, export your complete configuration and search each domain configuration file for the tx-map command. For more information, see Add-on module management.
- Added the crypto.ramdomUUID method to the GatewayScript crypto module.
- The crypto.ramdomUUID method in the GatewayScript crypto module generates a random version 4 UUID (Universal Unique Identifier) per RFC 4122. For more information, see crypto module.
- Added ability to return information about rate limits in burst limit response headers.
- When you configure a rate limit definition, you can specify to return information about the limit in burst limit response headers rather than in rate limit response headers. For more information, see Configuring a rate limit definition.
- Added the custom scalar type
DateTime
for GraphQL APIs. - You can use the custom scalar type
DateTime
to define custom scalars that specify date and time. For more information, see Extensions to GraphQL. - Added ability to specify a parse settings configuration in a map assembly action.
- When you configure a map assembly action, you can specify to use a parse settings configuration to apply constraints on documents to parse. For more information, see Adding a map assembly action.
- Added ability to specify an action to apply to limits in a rate limit definition group
- When you configure a rate limit assembly action to use a rate limit definition group, you can specify to consume or replenish all rate limits referenced in the group. For more information, see Adding a rate limit assembly action.
10.5.0.0
The following information is a summary of the new features that are added to the 10.5.0 LTS stream in 10.5.0.0.
- Ability to add 8496 appliances to your environment.
- Ability to purchase and add the new 8496 appliances to your environment. You cannot install a firmware version earlier than 10.5.0.1 on these appliances. For more information, see Appliance installation.
- Added another DataPower graphical interface. The new interface is based on Carbon design and is provided as a technology preview.
- Instead of using the original WebGUI interface, you can use the new interface. The new interface
is a REST-based interface that is based on Carbon design. To log in to the new UI and RBM uses local
user groups, the access profile must contain an access policy that grants read permission to the
default
domain. For more information, see Graphical interfaces. - Added support for Safari, Chrome, and Edge browsers.
- When you access a DataPower graphical interface, you can use the newest release of the following browsers.
- Apple Safari
- Google Chrome
- Microsoft Edge
- Mozilla Firefox
- Added extract assembly action to transform content from the API context.
- The extract assembly action transforms content from fields in the API context. You use JSONata expressions to specify the fields and how to transform the content. For more information, see Adding an extract assembly action.
- Added enforcement mode for rate limit definition groups.
- You can specify how to enforce rate limits when one or more of the limits in the group is exceeded. For more information, see Configuring a rate limit definition group.
- Added ability to use a rate limit definition group as a source for the rate limit assembly action.
- When you configure a rate limit assembly action, you can specify a rate limit definition group as the source of the rate limits for the action. For more information, see Adding a rate limit assembly action.
- Added ability to specify a rate limit short name to include in rate limit response headers.
- When you configure a rate limit definition, you can specify a short name that is included in rate limit response headers. For more information, see Configuring a rate limit definition.
- Added ability to limit the number of concurrent SSH CLI connections.
- When you configure the SSH service, you can specify the maximum number of concurrent SSH CLI connects to support. For more information, see Managing the SSH service.
The following information is a summary of the new features that were added to the 10.0 CD stream
in the 10.0.4 update package and are not in the 10.0.1 LTS stream. These features are new if you
upgrade to the 10.5 LTS stream from 10.0.1.9 or later.
- Added ability to protect APIs with HTTP bearer authentication.
- When you protect APIs by defining security requirements, you can define an HTTP bearer authentication security definition. The Bearer authentication security scheme is defined in OpenAPI 3.0. When you define Bearer authentication, an external validation endpoint validates JWT bearer tokens. For more information, see Defining a security definition for HTTP bearer authentication.
- Added ability to define whether multiple calls from the same stylesheet return the same result when you define an API gateway.
- When you configure an API gateway, you can control whether multiple calls from the same stylesheet return the same result. XSLT specifications require that multiple document calls in the same stylesheet return the same result. For more information, see Configuring an API gateway.
- Added ability to define the load balancer group to provide redundancy among target resources when you define an API gateway.
- When you configure an API gateway, you can associate a load balancer group, or server pool, to provide redundancy to target resources. For more information, see Configuring an API gateway.
- Added ability to define the schedule to run specific processing rules when you define an API gateway.
- When you configure an API gateway, you can define the schedule to run specific processing rules. For more information, see Configuring an API gateway.
- Added status providers to view stylesheet compilation statistics for API gateway services.
- When an API gateway uses compiled stylesheets or WSDL files, you can view statistics about compilation mean time and count. For more information, see API cache status and compilation statistics.
- Added status providers to view details about analytics endpoints.
- When you use API analytics that offload data to an analytics endpoint, you can use the analytics endpoint status provider to view details about all analytics endpoints. From this status provider, you can reset the counters for a specific analytics endpoint. For more information, see Viewing details about analytics endpoints.
- Added GraphQL execute assembly action to process a GraphQL schema.
- You can use the GraphQL execute assembly action with Query and Mutation query types to process both the introspection and main queries in a schema in the same request. For more information, see Adding a GraphQL execute assembly action.
- Added rate limit definition groups.
- When you configure API plans and API operation rate limits, you can add rate limit definitions
to a group for rate-limit enforcement.
- Configuring a rate limit definition group. For more information, see Configuring a rate limit definition group.
- Specifying a rate limit definition group to enforce preflow rate limits on all APIs in an API plan. For more information, see Creating an API plan.
- Specifying a rate limit definition group to override the rate limit scheme for an API operation. For more information, see Adding an API operation rate limit.
- Added ability to specify whether to enable rate limit response headers in a rate limit definition.
- When you configure a rate limit definition, you can specify whether to enable HTTP response headers that include rate limit information. For more information, see Configuring a rate limit definition.
- Added ability to customize the value of the
Access-Control-Expose-Headers
response header. - When you configure a CORS rule, you can specify values to append to the
Access-Control-Expose-Headers
response header value. For more information, see Configuring a CORS rule. - Added JSONata extension functions to support GraphQL APIs.
- When you use JSONata notation in assembly actions, you can use extension functions to retrieve elements from GraphQL messages. For more information, see JSONata and assembly actions.
- Added the custom scalar type
Long
for GraphQL APIs. - The custom scalar type
Long
allows the use of integers that are lesser or greater than the default scalar typeInt
. For more information, see Extensions to GraphQL. - Added the
@scalarParam
directive to customize GraphQL custom scalar types. - The
@scalarParam
directive customizes custom scalar types. For more information, see Extensions to GraphQL. - Added assembly property to specify the final API rule to apply to API calls.
- When you configure an assembly, you can specify the final API rule to apply to the API call after the processing of the main rule, the catch rule, or both rules. For more information, see Configuring an assembly.
- Added API gateway properties to specify timeout times for client connections.
- When you configure an API gateway, you can specify the timeout times for client connections and persistent TCP connections. For more information, see Configuring an API gateway.
- Added the
file
parameter type for API operations. - When you configure an API operation, you can specify file parameters. For more information, see Configuring an API operation.
- Added ability to set the key type for key authentication with SSH for known hosts.
- When you add a known host to the SSH known host table, you can specify the key type for
authentication with SSH. In earlier releases, only the
ssh-rsa
key type was supported. You can manage the overall known host table and the known host table for SSH client profiles. - Added GatewayScript
amqp
module. - The GatewayScript
amqp
module encapsulates the Red Hat Rhea library. This module provides the APIs to encode and decode AMQP annotation headers and AMQP application properties. You can use the APIs in this module to work with the full AMQPType
system for the proper decoding and encoding of AMQP payloads. For more information, see GatewayScript amqp module. - Added dp:check-stylesheet-cache-entry() extension function.
- The dp:check-stylesheet-cache-entry() extension function validates whether compiled stylesheets are in the stylesheet cache of an XML manager. For more information, see dp:check-stylesheet-cache-entry().
- Added the
listVariables()
function to the GatewayScriptcontext
object. - The
context
object functionlistVariables()
returns an array of variable names. For more information, see context object for traditional DataPower services.