🚀 A new APIM release has landed. Welcome to 1.21

Nicolas Géraud
Dec 3, 2018 · 3 min read

Release 1.21 is the last version of 2018. So let me introduce what’s new.

Configure your OAuth providers dynamically

Before release 1.21, the only way to add a new OAuth provider was to configure both the management API and the Web UI. This add also required to restart the management API.

With this new feature, you can now add an OAuth provider dynamically.

You can add as much providers as needed and we have a dedicated form if you’re using Gravitee.io AM with fewer informations to fill.

Use your system HTTP Proxy for fetchers and notifications

If you was behind a proxy and wanted to get documentations (via our fetchers plugins) or if you needed to send notifications to the outside you could not do it.

In release 1.21 you can now check the “Use system proxy” box, and let Gravitee.io use the system proxy.

You can also configure this proxy in the gravitee.yml file (only in the management API):

New policy : HTTP Callout

To achieve some use cases, you sometimes need to extend the incoming request (or the outgoing response) with extra data.

We already provide properties and dictionaries, but the point is those key/value entries are not depending on the resquest (or the response).

With this new policy, you can call an external endpoint and store the result (or a subset of the result) in a variable.

the configuration of the new HTTP Callout policy

We would love to hear your use case with this new policy. Please share them on Gihub issues or on Gitter.

Policy JWT: JWKS & HMAC

The JSON Web Tokens policy has been updated with great improvements. You can now verify your JWT with HMAC key and use the JWKSet Endpoint to handle JWT signatures.

The JWKSet Endpoint exposes a set of keys containing the public keys that should be used to verify JWT issued by your authorization server.

For the most OAuth2.0/OIDC compliant authorization servers, the JWKSet Endpoint is available at :

https://AUTH_SERVER_HOST/…/.well-known/jwks.json

Verify JWT from JWKSet Endpoint

New Signature Algorithms (RS256 to RS512 and HS256 to HS512) are now supported.

Upload Images in your documentation

Thanks to Guillaume you can now upload images in your documentation.

To do that you need to enable this feature first :

Enable this feature to upload images into your documentation

Now, you have a new icon in the markdown editor:

A new icon is in the toolbar

That’s it.


And more …

You can find the full changelog here :

  • we have added more informations in the request context, available in the expression language,
  • the gateway is a bit more efficient,
  • you can validate the request body with the Request Validation Policy

For this, just follow the installation guide and start to play with Gravitee.io by using Docker.

You have questions, suggestions, issues, we would be happy to help you from our Gitter channel.

graviteeio

Gravitee.io Blog

Nicolas Géraud

Written by

graviteeio

Gravitee.io Blog