About this Release¶
WSO2 API Manager is a complete platform for building, integrating, and exposing your digital services as managed APIs in the cloud, on-premise, and hybrid architectures to drive your digital transformation strategy. It comes with a cloud-native, standards-based messaging engine, and an integration framework for integrating APIs, services, data, SaaS, proprietary, and legacy systems and it can also serve streaming-based integrations. The product comes with command-line and developer tools that enable easy design, development, and testing.
WSO2 API Manager 4.1.0 is the latest WSO2 API Manager release and is the successor of WSO2 API Manager 4.0.0.
For more information on WSO2 API Manager, see the overview.
Downloads¶
New features¶
API Governance¶
Management of real-time APIs on Solace
WSO2 API Manager 4.1.0 now supports integrating external third-party Gateways and Brokers. Solace is an advanced event broker that is efficiently streaming events and information across cloud, on-premises, and IoT environments.
Develop an integration from a managed API
With the API Manager 4.1.0 release, you can create an integration using a managed API and configure the integration service endpoint to the managed API. This is the top-down approach in API first integration.
Publishing third-party APIs on the Developer Portal
WSO2 API Manager provides the capability to publish APIs that are deployed in an external Gateway. Since these APIs are not deployed in the WSO2 API Gateway, the API will not be proxied through the Gateway.
A read-only mode for API Publisher
This feature allows a user who has view/read-only permissions to only view the API, API Product, and Service details in the Publisher portal. This user can also review all the analytics-related details.
Mock API implementation support considering API definition in Choreo Connect
This Mock API Implementation allows you to generate mock responses based on the examples provided in the OpenAPI specification that will mock the API responses.
API Security¶
API consumer authorization with Open Policy Agent (OPA)
You can now offload some of the decision-making responsibilities to OPA on whether to authorize a consumer or not when they invoke APIs based on policies attached to APIs.
Authentication support for API invocation using the Token Exchange approach
You can now get an API Manager token by invoking the token endpoint of API Manager with the required parameters (i.e., the token obtained from an external Identity Provider) and invoking the API with the exchanged token.
API Policies¶
Operation level policy support for APIs
With the API Manager 4.1.0 release, we introduce fine-grained and easy to manage policies for operations. We move away from the concept of attaching a policy at the API level (i.e., API level mediation policies) and now can attach multiple policies at the operation level itself.
Integration¶
WSDL to REST conversion support in Integration Studio
With API Manager 4.1.0, you now have a hybrid environment where some system APIs exist as SOAP-based web services that can also have a REST interface defined.
Exposing an integration SOAP service as a managed API
WSO2 API Manager includes a Service Catalog where developers can register their backend services as Managed APIs. Through the Service Catalog, now SOAP integration services are made discoverable to the API Management layer so that SOAP PassThrough API proxies can directly be created using them.
Authorization support via secondary user stores in Micro Integrator
Users can now deploy secondary user stores in Micro Integrator and use those users and roles in authorization use cases.
Auto-generation support for data services using a given data source in Integration Studio
This feature allows you to generate data service definitions by pointing to an existing data source in the workspace without creating it from scratch.
Event Driven Architecture¶
Support for GraphQL subscription operations
WSO2 API Manager 4.1.0 supports GraphQL subscription operations, which extends GraphQL APIs for push-based solutions. In GraphQL subscriptions, clients send long-lasting GraphQL read operations and get updated results whenever a particular server-side event occurs. Commonly, updated results are pushed from the server to the subscribing clients via WebSockets, where the server holds a steady connection with the client.
API Analytics¶
Publishing analytics events to external systems
Instead of publishing analytics events to the cloud, it is now possible to log the same events and publish them to external systems like ELK. You can create a sample, configure the created sample with API Manager or Choreo Connect, and publish it to the external system.
Monitoring¶
Logging messages per API
WSO2 API Manager 4.1.0 enables a simple way to observe requests and responses going through the WSO2 API Gateway by introducing this lightweight feature called API Logs.
Maintaining audit logs for the Micro Integrator Management API
The audit log capability allows you to add logging for the Micro Integrator Management API. Maintaining audit logs allows you to identify the changes that took place in the Micro Integrator instance and also to identify who made those changes.
Other¶
GitHub integration for Choreo Connect
This feature allows you to deploy APIs from a GitHub repository by starting Choreo Connect and pointing to source control systems such as GitHub, Gitlab, and Bitbucket.
Improvements¶
Lifecycle support for API Products
WSO2 API Manager provides distinct lifecycle states for the API during the API development process. A lifecycle state can now be specified for each API Product you create.
Authentication support for Prototype APIs
Authentication for Prototype APIs is available by default so that the client apps can also be created using authentication to test out the APIs. If needed you can disable authentication for Prototype APIs at the resource level or API level.
Single Sign-On support for the monitoring dashboard using OpenID Connect
Users can use OIDC-based Single Sign-On to log in to the WSO2 Micro Integrator Monitoring Dashboard.
Support for admin privileges in the file-based user store
The default user store of the Micro Integrator is file-based. This enables users to grant admin privileges to a user in the file-based user store.
Monitoring deployed data sources in Micro Integrator runtimes
Users can identify the data sources that are deployed in Micro Integrator Runtimes directly from the dashboard.
PKCE support when generating application keys
WSO2 API Manager supports Proof Key for Code Exchange (PKCE) when generating application keys. This is a security measure to secure the applications that are executing in the same domain.
Ability to configure Rate Limiting for an API Gateway cluster
Ability to configure Rate Limiting for an API Gateway Cluster via the Redis server so that the request counters maintained for burst control and backend rate limiting will be replicated across the API Gateway cluster when working with multiple API Gateway nodes.
Tenant configurations migration from the registry to the database
You can now perform more advanced configurations for tenant configuration migration from the registry to the database.
File Inbound Endpoint subdirectory processing capability
VFS Inbound Endpoints are capable of handling files inside subdirectories of the specified URL. This enables users to process files recursively inside a directory.
Improve Service Catalog to work with Hot Deployments
You can now publish services to Service Catalog for hot deployments and include metadata files of the selected artifacts.
Support to change lifecycle state of API Products using apictl
You can now change the status of an API or API Product in an environment using apictl.
Exposing proxy services via the Service Catalog
This feature generates metadata artifacts for the APIs and Proxy services that have been created inside older Integration Studio workspaces.
Support for SMB and WebDAV protocols
This feature adds support to read from or write to files opened via SMB and WebDAV protocols.
Support Protobuf map-type for Kafka
This improvement adds support to decode Protobuf messages via a schema registry with Kafka.
Deprecated features and functionalities¶
These features are deprecated and will be removed from subsequent versions of WSO2 API Manager.
- Generate REST API from SOAP Backend
- Hazelcast Based Gateway Clustering
Removed features and functionalities¶
These features are unsupported and removed from WSO2 API Manager 4.1.0 onwards.
-
DAS Message Tracer
The message tracer feature for WSO2 DAS is no longer supported and removed from the product.
Compatible WSO2 product versions¶
- WSO2 API Manager 4.1.0 is compatible with WSO2 Identity Server 5.11.0.
- WSO2 API Manager 4.1.0 is compatible with Choreo Connect 1.1.0.
Fixed issues¶
- API Manager
- Micro Integrator
- Streaming Integrator
- API Controller
- Integration Studio
- Micro Integrator Dashboard
- Streaming Integrator Tooling
- Choreo Connect
Known issues¶
- API Manager
- Micro Integrator
- Streaming Integrator
- API Controller
- Integration Studio
- Micro Integrator Dashboard
- Streaming Integrator Tooling
- Choreo Connect
What has changed¶
WSO2 API Manager Server 4.1.0 brings a range of new features and major improvements. The following aspects have changed in 4.1.0 compared to the previous WSO2 API-M versions. This section provides details about those behavioral changes.
Mediation policies migration¶
With 4.1.0 release, WSO2 API manager has realigned its previous API level mediation policies feature to a more sophisticated policy feature which provides support for not only mediation policies, but a vast number of different use cases. Instead of API level policy allocation, the new feature supports policies at the operation level for regular gateway (synapse based) and at resource level for the Choreo Connect gateway. With this support, previous mediation policy support via Admin REST APIs is no longer available, instead publisher REST API operation-policies support the same functionality. Publisher UI mediation policies which were displayed under runtime configuration has been removed and it is moved to a separate tab called policies. Therefore, you will be able to see the mediation policies in previous apim versions under policies UI.
Major functionalities of the new policies feature are listed below.
- A new UI to manage common policies which can be shared across all the APIs.
- An interactive UI in the API configurations to allocate the policies.
- Increased granularity for the policy allocation which is spread until operation level.
- Ability to apply multiple policies for a single operation and has an interactive UI to manage the policy execution order.
- Ability to parameterize the policies with dynamic values and reuse the same policy across different operations with different configurations.
With these new features, we have removed the API level mediation policies and if you need to apply a policy with the same configurations across the API, you can do so by selecting the Apply to all resources option.
Previous mediation related resources from the Publisher and Admin REST API have been removed and you can achieve the same functionality via the operation-policies resource in the Publisher REST API.
Mediation policies that you have attached to API types other than REST, i.e., SOAP, GraphQL, etc., will no longer be manageable after you have migrated to 4.1.0. With the API Policies feature, the policy support was only provided for REST APIs and extending the same for other API types is still in the roadmap, and we hope to send a WUM update to 4.1.0 to add this support.
For API types excluding REST APIs
For APIs like SOAP, GraphQL, etc., even though the functionality is still intact (runtime is not affected), the design time is affected as you can no longer manage policies using the UI, or the file system. To further elaborate on this, if you had policies attached to an API and you've migrated to 4.1.0, those policies are still attached to the said API, but they are immutable.
APICTL Project structure has been changed and Sequences directory has been replaced with a new Policies directory. This policies directory contains the policies applied to the API at the operation level. Each policy has a specification file (yaml or json) which has all the meta information about the policy and a policy definition file (j2 file for regular gateway and gotmpl file for choreo connect) which contains the logic behind the policy. Policy allocation and policy order of each operation is recorded in the api.yaml file and if the policy is parameterized, values of each parameterized attribute are defined in this section.
For more information see, OPA policy support
GraphQL subscription¶
If the GraphQL subscription operations are available on your existing GraphQL APIs in 4.0.0, API-M 4.1.0 is supported for subscription opertaion under websocket flow.
For more information see, GraphQL subscription
Top