What's new in the 10.0 CD stream

The IBM® DataPower® Gateway 10.0 CD stream offers the following new features and enhancements. The 10.0 CD stream is different from the 10.0.1.x long-term support (LTS) release stream.

For a list of resolved APARs, see Update packages for DataPower Gateway version 10.0.x.x.

For integration with API Connect, DataPower Gateway and API Connect releases must be on the same CD release.

  • June 2021 (10.0.3 CD release), which replaces the 10.0.2 CD release
    • Added multiple properties and actions to the API gateway for cache control and management
    • Added cluster-based gateway peering for API rate limiting
    • Added password alias to secure gateway peering data stores
    • Added the ability to configure rate limit definitions for a domain
    • Added ability to configure compile settings for the assembly validate and assembly XSLT actions
    • Added API definition property to specify the allowed protocols for incoming requests
    • Added ability to preserve custom request and response headers for logging to analytics
    • Added ability to return raw body payloads
    • Added ability to modify request headers and parameters in preflow actions
    • Added ability to include the message payload in JSONata expressions
    • Added assembly invoke property to enable HTTP persistent connections
    • Expanded ability to specify the type of payload to send for GraphQL messages
    • Added assembly log action property to specify the type of content to log
    • Added assembly throw properties to rethrow an error
    • Added ability to check group membership for an authenticated user in the API LDAP registry
    • Added extension function to list the first level of variable names in the assembly context
    • Added status provider to view information about GatewayScript run times
    • Added ability to set the capacity of the stylesheet cache by size
    • Added password alias to secure the quota enforcement data stores
  • March 2021 (10.0.2 CD release)
    • Added WebSocket upgrade assembly action to allow WebSocket upgrade requests that can manage GraphQL API processing data
    • Added assembly invoke property to specify the type of payload to send for GraphQL POST requests
    • Added API collection property to define the URL to the Developer Portal
    • Added status provider to view details about and delete API OAuth caches
    • Added API LDAP registry property to indicate how to create the user for authentication
    • Added batch size and commit to offset store controls to Kafka processing.
    • Added support to define SSH authentication for CLI sessions
    • Added property to define the local address for use in network connectivity tests

For summary information about the features added, see the linked information.

June 2021 (10.0.3 CD release)

The following information is a summary of the features added to the 10.0.x.x CD stream in June 2021 that are not part of the 10.0.1 LTS stream. The 10.0.3 CD release replaces the 10.0.2 CD release.

Added multiple properties and actions to the API gateway for cache control and management
When you configure the API gateway, you can define the following capabilities.
  • Capacity and behavior for the stylesheet cache
  • Maximum concurrent writes to the document cache
  • Document cache policies
  • LDAP pool cache
  • Connection or proxy policies
From the API gateway you can run the following actions against the caches.
  • Flush expired documents from the document cache
  • Invalidate documents in the document cache
  • Export documents in the document cache to a file
  • Import documents from a file to the document cache
  • Flush the LDAP pool cache
[Learn new information]Learn more...
Added cluster-based gateway peering for API rate limiting
When you configure a gateway peering instance, you can define it as cluster-based instead of peer-based. The minimal configuration is 3 primary-secondary node pairs, where each node pair is a shard that manages a subset of slots. Cluster-based gateway peering applies to only API rate limiting. [Learn new information]Learn more...
Added password alias to secure gateway peering data stores
When you configure a gateway peering instance, you can assign a password to secure the data store. If not specified, the system default is used. [Learn new information]Learn more...
Added the ability to configure rate limit definitions for a domain
You can configure assembly-specific rate limit definitions for a domain. When you configure an assembly rate limit action, you can specify to use domain-named rate limit definitions and select which definitions to use. [Learn new information]Learn more...
Added ability to configure compile settings for the assembly validate and assembly XSLT actions
You can configure customized compile settings for the assembly validate and assembly XSLT actions to override the compile settings defined in the XML manager. [Learn new information]Learn more...
Added API definition property to specify the allowed protocols for incoming requests
When you configure an API definition, you can specify the protocols that incoming requests can use to invoke the API. [Learn new information]Learn more...
Added ability to preserve custom request and response headers for logging to analytics
When you configure an API definition, you can specify custom request and response headers to preserve for logging to analytics. [Learn new information]Learn more...
Added ability to return raw body payloads
When you configure an API definition, you can specify whether to get the raw body instead of parsing when using the GatewayScript apim.getvariable() API. [Learn new information]Learn more...
Added ability to modify request headers and parameters in preflow actions
You can modify the values of request headers and parameters in preflow actions. When modified, the request.original.headers.name and request.original.parameters.name.values variables are created to contain the original values. [Learn new information]Learn more...
Added ability to include the message payload in JSONata expressions
You can add the message payload to JSONata expressions used in assembly actions. [Learn new information]Learn more...
Added assembly invoke property to enable HTTP persistent connections
When you configure an assembly invoke action, you can specify whether to enable HTTP persistent connections. [Learn new information]Learn more...
Expanded ability to specify the type of payload to send for GraphQL messages
When you configure an assembly invoke action, you can specify the type of payload to send for GraphQL POST requests when the HTTP method is set to POST or KEEP and the backend type is set to GraphQL or Detect. [Learn new information]Learn more...
Added assembly log action property to specify the type of content to log
When you configure an assembly log action, you can specify the type of content to log. [Learn new information]Learn more...
Added assembly throw properties to rethrow an error
When you configure an assembly throw action, you can specify an HTTP status code and HTTP reason phrase to rethrow an error. [Learn new information]Learn more...
Added ability to check group membership for an authenticated user in the API LDAP registry
When you configure an API LDAP registry, you can configure whether you want to enable group authentication. When enabled, you can define the configuration type for authentication. Based on selected type, the data required for the check. [Learn new information]Learn more...
Added extension function to list the first level of variable names in the assembly context
You can use the XSLT apigw:list-variables() extension function to list the first level of variable names in the assembly context for the API gateway. [Learn new information]Learn more...
Added status provider to view information about GatewayScript run times
You can access the GatewayScript runtime status provider to view details about GatewayScript run times. [Learn new information]Learn more...
Added ability to set the capacity of the stylesheet cache by size
When you configure the stylesheet cache in an XML manager, you can define the maximum size for the cache. Previously, the capacity of the stylesheets cache was limited to stylesheet count. [Learn new information]Learn more...
Added password alias to secure the quota enforcement data stores
When you configure the quota enforcement server, you can assign a password to secure the data store. If not specified, the system default is used. [Learn new information]Learn more...

March 2021 (10.0.2 CD release)

The following information is a summary of the features added to the 10.0.x.x CD stream in March 2021 that are not part of the 10.0.1 LTS stream.

Added WebSocket upgrade assembly action to allow WebSocket upgrade requests that can manage GraphQL API processing data
In the WebSocket upgrade assembly action, you can specify separate assemblies to process GraphQL subscription request and response data. When this action is added to an assembly, it is not necessary to configure the assembly invoke action to allow WebSocket upgrade requests. [Learn new information]Learn more...
Added assembly invoke property to specify the type of payload to send for GraphQL POST requests.
When GraphQL or JSON is specified, this setting overrides the content type of the request. [Learn new information]Learn more...
Added API collection property to define the URL to the Developer Portal
When configuring an API collection, you can optionally define the URL to the Developer Portal endpoint. This endpoint is the Developer Portal node of API Connect. For example, you can use this endpoint to provide security credentials for access to an API. [Learn new information]Learn more...
Added status provider to view details about and delete API OAuth caches
You can access the API OAuth caches status provider to view details about API OAuth caches. From this status provider, you can delete a cache associated with a third-party OAuth provider. [Learn new information]Learn more...
Added API LDAP registry property to indicate how to create the user for authentication
When configuring the API LDAP registry, you can indicate how to create the user for authentication. You can choose one of the following methods, where an LDAP search is the default selection. Based on your selection, the required configuration the referenced LDAP search parameters differs.
  • Compose DN from user name
  • Compose UPN from user name
  • Search LDAP for DN of user name
[Learn new information]Learn more...
Added batch size and commit to offset store controls to Kafka processing.
When configuring the Kafka cluster, you can control whether to commit offsets to the offset store at the defined interval or at process-completion. When set to commit at process-completion, you can set the batch size for the Kafka handler. The batch size is the number of messages that the handler processes as a batch. The handler attempts to retrieve the number of specified messages from the consumer and processes these messages as a batch. [Learn new information]Learn more...
Added support to define SSH authentication for CLI sessions
When defining RBM settings, you can define SSH authentication for CLI sessions. You can retain the existing username and password behavior or you can select a different behavior.
  • Change to use password authentication
  • Change to use user certificate authentication
  • Change to attempt user certificate authentication and, if unsuccessful, attempt password authentication
[Learn new information]Learn more...
Added property to define the local address for use in network connectivity tests
When debugging network connectivity issues, you can control which local address to use during these connectivity tests. The new local address property is part of the following tools and commands.
  • The Ping Remote tool and the ping command.
  • The traceroute command.
  • The TCP Connection Test tool and the test tcp-connection command.
[Learn new information]Learn more...