About this Release¶
WSO2 API Manager is a complete platform for building, integrating, and exposing your digital services as managed APIs in the cloud, on-premise, and hybrid architectures to drive your digital transformation strategy. It comes with a cloud-native, standards-based messaging engine, and an integration framework for integrating APIs, services, data, SaaS, proprietary, and legacy systems and it can also serve streaming-based integrations. The product comes with command-line and developer tools that enable easy design, development, and testing.
WSO2 API Manager 4.1.0 is the latest WSO2 API Manager release and is the successor of WSO2 API Manager 4.0.0.
For more information on WSO2 API Manager, see the overview.
Downloads¶
New features¶
API Governance¶
Management of real-time APIs on Solace
WSO2 API Manager 4.1.0 now supports integrating external third-party Gateways and Brokers. Solace is an advanced event broker that is efficiently streaming events and information across cloud, on-premises, and IoT environments.
Develop an integration from a managed API
With the API Manager 4.1.0 release, you can create an integration using a managed API and configure the integration service endpoint to the managed API. This is the top-down approach in API first integration.
Publishing third-party APIs on the Developer Portal
WSO2 API Manager provides the capability to publish APIs that are deployed in an external Gateway. Since these APIs are not deployed in the WSO2 API Gateway, the API will not be proxied through the Gateway.
A read-only mode for API Publisher
This feature allows a user who has view/read-only permissions to only view the API, API Product, and Service details in the Publisher portal. This user can also review all the analytics-related details.
Mock API implementation support considering API definition in Choreo Connect
This Mock API Implementation allows you to generate mock responses based on the examples provided in the OpenAPI specification that will mock the API responses.
API Security¶
API consumer authorization with Open Policy Agent (OPA)
You can now offload some of the decision-making responsibilities to OPA on whether to authorize a consumer or not when they invoke APIs based on policies attached to APIs.
Authentication support for API invocation using the Token Exchange approach
You can now get an API Manager token by invoking the token endpoint of API Manager with the required parameters (i.e., the token obtained from an external Identity Provider) and invoking the API with the exchanged token.
API Policies¶
Operation level policy support for APIs
With the API Manager 4.1.0 release, we introduce fine-grained and easy to manage policies for operations. We move away from the concept of attaching a policy at the API level (i.e., API level mediation policies) and now can attach multiple policies at the operation level itself.
Integration¶
WSDL to REST conversion support in Integration Studio
With API Manager 4.1.0, you now have a hybrid environment where some system APIs exist as SOAP-based web services that can also have a REST interface defined.
Exposing an integration SOAP service as a managed API
WSO2 API Manager includes a Service Catalog where developers can register their backend services as Managed APIs. Through the Service Catalog, now SOAP integration services are made discoverable to the API Management layer so that SOAP PassThrough API proxies can directly be created using them.
Authorization support via secondary user stores in Micro Integrator
Users can now deploy secondary user stores in Micro Integrator and use those users and roles in authorization use cases.
Auto-generation support for data services using a given data source in Integration Studio
This feature allows you to generate data service definitions by pointing to an existing data source in the workspace without creating it from scratch.
Event Driven Architecture¶
Support for GraphQL subscription operations
WSO2 API Manager 4.1.0 supports GraphQL subscription operations, which extends GraphQL APIs for push-based solutions. In GraphQL subscriptions, clients send long-lasting GraphQL read operations and get updated results whenever a particular server-side event occurs. Commonly, updated results are pushed from the server to the subscribing clients via WebSockets, where the server holds a steady connection with the client.
API Analytics¶
Publishing analytics events to external systems
Instead of publishing analytics events to the cloud, it is now possible to log the same events and publish them to external systems like ELK. You can create a sample, configure the created sample with API Manager or Choreo Connect, and publish it to the external system.
Monitoring¶
Logging messages per API
WSO2 API Manager 4.1.0 enables a simple way to observe requests and responses going through the WSO2 API Gateway by introducing this lightweight feature called API Logs.
Maintaining audit logs for the Micro Integrator Management API
The audit log capability allows you to add logging for the Micro Integrator Management API. Maintaining audit logs allows you to identify the changes that took place in the Micro Integrator instance and also to identify who made those changes.
Other¶
GitHub integration for Choreo Connect
This feature allows you to deploy APIs from a GitHub repository by starting Choreo Connect and pointing to source control systems such as GitHub, Gitlab, and Bitbucket.
Improvements¶
Lifecycle support for API Products
WSO2 API Manager provides distinct lifecycle states for the API during the API development process. A lifecycle state can now be specified for each API Product you create.
Authentication support for Prototype APIs
Authentication for Prototype APIs is available by default so that the client apps can also be created using authentication to test out the APIs. If needed you can disable authentication for Prototype APIs at the resource level or API level.
Single Sign-On support for the monitoring dashboard using OpenID Connect
Users can use OIDC-based Single Sign-On to log in to the WSO2 Micro Integrator Monitoring Dashboard.
Support for admin privileges in the file-based user store
The default user store of the Micro Integrator is file-based. This enables users to grant admin privileges to a user in the file-based user store.
Monitoring deployed data sources in Micro Integrator runtimes
Users can identify the data sources that are deployed in Micro Integrator Runtimes directly from the dashboard.
PKCE support when generating application keys
WSO2 API Manager supports Proof Key for Code Exchange (PKCE) when generating application keys. This is a security measure to secure the applications that are executing in the same domain.
Ability to configure Rate Limiting for an API Gateway cluster
Ability to configure Rate Limiting for an API Gateway Cluster via the Redis server so that the request counters maintained for burst control and backend rate limiting will be replicated across the API Gateway cluster when working with multiple API Gateway nodes.
Tenant configurations migration from the registry to the database
You can now perform more advanced configurations for tenant configuration migration from the registry to the database.
File Inbound Endpoint subdirectory processing capability
VFS Inbound Endpoints are capable of handling files inside subdirectories of the specified URL. This enables users to process files recursively inside a directory.
Improve Service Catalog to work with Hot Deployments
You can now publish services to Service Catalog for hot deployments and include metadata files of the selected artifacts.
Support to change lifecycle state of API Products using apictl
You can now change the status of an API or API Product in an environment using apictl.
Exposing proxy services via the Service Catalog
This feature generates metadata artifacts for the APIs and Proxy services that have been created inside older Integration Studio workspaces.
Support for SMB and WebDAV protocols
This feature adds support to read from or write to files opened via SMB and WebDAV protocols.
Support Protobuf map-type for Kafka
This improvement adds support to decode Protobuf messages via a schema registry with Kafka.
Deprecated features and functionalities¶
These features are deprecated and will be removed from subsequent versions of WSO2 API Manager.
Removed features and functionalities¶
These features are unsupported and removed from WSO2 API Manager 4.1.0 onwards.
-
DAS Message Tracer
The message tracer feature for WSO2 DAS is no longer supported and removed from the product.
Compatible WSO2 product versions¶
- WSO2 API Manager 4.1.0 is compatible with WSO2 Identity Server 5.11.0.
- WSO2 API Manager 4.1.0 is compatible with Choreo Connect 1.1.0.
Fixed issues¶
- API Manager
- Micro Integrator
- Streaming Integrator
- API Controller
- Integration Studio
- Micro Integrator Dashboard
- Streaming Integrator Tooling
- Choreo Connect
Known issues¶
- API Manager
- Micro Integrator
- Streaming Integrator
- API Controller
- Integration Studio
- Micro Integrator Dashboard
- Streaming Integrator Tooling
- Choreo Connect