This version introduce a new lifecycle of APIs. In the previous versions, there was no way to unpublish an API from the portal. Now you can manage thanks to a new action:
We have also introduced a new workflow of validation to publish and start an API. This new functionality can be enabled from the settings:
By enabling the API review workflow, your API is created in draft and need a validation from reviewers (a user with the reviews permissions). Once your API is ready to be reviewed, you can ask for review and a task will appear on the reviewers side.
The API will appear in review, and no action of publish or start will be possible until the review is accepted.
If the API review is rejected, the API publisher will have to make changes and again ask for a review. Once the review is accepted, the API is created and can be started/published.
Role Based Access Control Policy
This new policy can be used to control access by checking the roles extracted from the request. Used with OAuth2/JWT, the control is based on scopes.
Search in logs payloads
When API logging is enabled, it can be useful to search in requests payloads to find a specific log.
And more …
- Websocket support,
- the possibility to add a server timeout on the API gateway,
- support of initial access token for Dynamic Client Registration,
- configuration of the MongoDB’s write concern,
For this, just follow the installation guide and start to play with Gravitee.io by using Docker.
You have questions, suggestions, issues, we would be happy to help you from our Gitter channel.