API Gateway:Release notes

Feature

Description

Region

References

Third-party authentication plug-in

Third-party authentication plug-ins are supported. API Gateway calls the user's authentication service before calling the backend service. After receiving a success response from the authentication service, API Gateway calls the backend service. Authentication results can be cached, authentication request parameters can be mapped, and authentication responses can be customized in third-party authentication.

All regions

Mixed HTTP/HTTP-VPC backends

Custom mixed HTTP/HTTP-VPC backends are supported. You can configure different backend types for different environments.

All regions

Custom domain names in VPC authorizations

Custom values of the Host parameter are supported for VPC backend services for use in different environments. Custom values of the Host parameter are also supported in VPC authorizations.

All regions

Create an API operation with a resource in a VPC as the backend service

Feature

Description

Region

References

Automatic HTTP-to-HTTPS redirection

Automatic redirection of HTTP requests to HTTPS requests is supported. You can configure this feature in your domain name configurations.

All regions

Configure automatic jump from HTTP to HTTPS

Access from domain names of Application Load Balancers (ALBs) in VPC authorizations

Auto-scaling domain names of ALBs can be configured as URLs of backend services in VPC authorization configuration. API Gateway automatically adapts when an ALB scales.

All regions

Create an API operation with a resource in a VPC as the backend service

Optimized naming rules for API groups and APIs

Underscores (_), hyphen (-), spaces, and periods (.) can be used in the names of API groups and APIs.

All regions

Feature

Description

Region

References

Configuration of inbound VPCs for dedicated instances

The source vSwitch can be specified for inbound requests when you bind an inbound VPC to a dedicated instance.

All regions

Access API Gateway over a VPC

Configuration of access keys (AKs) and AppCodes for apps

Custom AKs and AppCodes are supported when you create apps. You can also change the AKs and AppCodes for apps that are already in production. The change takes effect immediately

All regions

Feature

Description

Region

References

VPC access authorization

The Host parameter can be configured when you configure VPC access authorizations. The Host parameter is added to the requests that are forwarded by API Gateway to backend services deployed in the VPC.

All regions

Create an API operation with a resource in a VPC as the backend service

Plug-ins of the Routing type

Plug-ins of the Routing type allow you to set the weight of routing options. Requests are distributed to the routing options that meet the criteria according to the configured weight ratio.

All regions

Plug-ins of the Routing type

Feature

Description

Region

References

Configuration of EventBridge as a backend service

EventBridge can be integrated with API Gateway as a backend service. After you integrate EventBridge as a backend service, you can read the event buses configured in EventBridge.

All regions

Create an API with EventBridge as the backend service

Feature

Description

Region

References

API group synchronization

Model data can also be synchronized when metadata is synchronized between API groups.

All regions

Feature

Description

Region

References

JWT authentication plug-in

The token can be read from the Cookie header in a request by using the JWT authentication plug-in.

All regions

JWT authentication

Backend service

A backend service can be referenced by multiple APIs. If you modify the definition of this backend service, the change is pushed to all APIs that reference the service.

All regions

Use a backend service to create and manage APIs

Feature

Description

Region

References

Integration with Log Service

The requested plug-ins and the request context can be recorded in API call logs.

All regions

Use Log Service to manage logs of API calls

Plug-ins of the IP Access Control type

Plug-ins of the IP Access Control type can be used to allow or reject the originating IP addresses or the direct IP addresses.

All regions

Plug-ins of the IP Access Control type

Console optimization

VPC authorizations can be filtered by specifying the IP address, VPC ID, or port number. Plug-ins can be searched for by name in fuzzy search mode.

All regions

Feature

Description

Region

References

Cross-zone resources for upgrading the specifications of a dedicated instance

If you want to upgrade the specifications of a dedicated instance but the resources are insufficient in the zone where the instance resides, resources in other zones can be applied for the upgrade.

All regions

Support for multiple HTTPS security policies for internal domain names of a dedicated instance

Multiple HTTPS security policies are supported by the internal domain names that are bound to the API groups in a dedicated instance. The HTTPS security policy used by an internal domain name can be the same as that used by the dedicated instance.

All regions

Feature

Description

Region

References

Removal of the Server header from responses that is generated by API Gateway. This feature is available only for dedicated instances.

For dedicated instances, the Server header generated by API Gateway in the response can be hidden.

All regions

Debugging by using an AppCode

An AppCode can be used for debugging on the Debug API page of the API Gateway console.

All regions

Feature

Description

Region

References

Native support for using Object Storage Service (OSS) as the backend service

OSS can be configured as the backend service. If you activate API Gateway and OSS in the same region, APIs can access OSS over the internal network.

All regions

Modifying VPC authorization settings and publishing multiple related APIs at a time

The APIs that are referenced can be published at a time when you modify or delete VPC authorization settings?

All regions

Feature

Description

Region

References

Specifications change for dedicated instances

The specifications of a dedicated instance can be losslessly upgraded or downgraded.

All regions

Change instance specifications

Instance monitoring

The monitoring data of each dedicated instance can be viewed in the API Gateway console.

All regions

Use API Gateway for monitoring

Basic authentication

Basic authentication

All regions

Basic authentication

Feature

Description

Region

References

Custom internal domain names

Custom internal domain names can be bound to API groups. After you bind a custom internal domain name to an API group, the APIs in the group can be called only over the internal network.

All regions

Bind a domain name to an API group

Fuzzy search on the Authorizations page

On the Authorizations page, VPC authorizations can be searched for by authorization name in fuzzy search mode.

All regions

The unit of milliseconds supported by plug-ins of the Circuit Breaker type

The unit of milliseconds can be used in conditional expressions that you configure for plug-ins of the Circuit Breaker type.

All regions

Feature

Description

Region

References

BasePath parameter

The BasePath parameter can be set for API groups. The BasePath value must be used together with the Path value of an API in the API group for all requests.

All regions

Support for the Array type in Swagger files

The Array type is supported in Swagger files.

All regions

End-to-end log tracing

B3 Propagation and EagleEye are supported to implement end-to-end log tracing. By default, B3 Propagation headers and EagleEye-related headers are passed through.

All regions

Feature

Description

Region

References

API filtering based on the request path and method

On the APIs page, APIs can be filtered based on the request path and method.

All regions

Adding tags for multiple APIs at a time

On the APIs page, tags can be added to multiple APIs at a time.

All regions

Feature

Description

Region

References

API Gateway logs

The content of the decrypted JSON Web Tokens (JWTs) can be included in logs that are delivered to Log Service. This feature can be used only for dedicated instances.

All regions

Multiple shared instances

Multiple shared instances are supported.

All regions

Synchronizing API metadata for a group and changing the backend service in a VPC for multiple APIs

The metadata of APIs in an API group can be synchronized, and the backend service type can be changed for multiple APIs at a time.

All regions

Feature

Description

Region

References

Binding a VPC of another Alibaba Cloud account

A VPC of another Alibaba Cloud account can be bound to an instance.

All regions

Feature

Description

Region

References

API metadata synchronization for API groups and metadata comparison

The metadata of APIs in an API group can be synchronized to another API group within the same Alibaba Cloud account. Before synchronization, the metadata of APIs in the source API group can be compared with that of existing APIs in the destination API group.

All regions

Wildcard domain names for plug-ins of the CORS type

Wildcard domain names are supported by plug-ins of the CORS type.

All regions

Feature

Description

Region

References

API filtering for Swagger file import

API filtering is supported. If you import Swagger files that define multiple APIs, you can select specific APIs to create them.

All regions

Binding one domain name to multiple instances

One domain name can be bound to multiple instances.

All regions

Feature

Description

Region

References

Protection against HTTP flood attacks

Throttling plug-ins can be used to block requests from different aspects, such as IP address and parameter from clients. This helps protect against HTTP flood attacks.

All regions

Throttling

90 seconds as the timeout period of the backend service for dedicated instances

For dedicated instances, the timeout period of the backend service can be set to 90 seconds.

All regions

Feature

Description

Region

References

End-to-end log tracing

API Gateway is integrated with Tracing Analysis. You are allowed to specify the sampling mode and sampling rate in the API Gateway console.

All regions

Configure tracing analysis

Feature

Description

Region

References

Parameter configuration for plug-ins of the CORS type

Plug-ins of the CORS type can be configured by using parameters.

All regions

IPv6

API calls from IPv6 addresses are supported by the backend service of dedicated instances.

All regions

Feature

Description

Region

References

Increased limit for the size of an HTTP request body

For dedicated instances, the allowed maximum size of an HTTP request body is increased to 32 MB. For shared instances, the maximum size can be only 8 MB.

All regions

Reading parameters from multiple parts of a form

Parameters from multiple parts of a form can be read.

All regions

Monitoring data in the API Gateway console

The monitoring data about API calls can be collected by region and API group.

All regions

Use API Gateway for monitoring

Feature

Description

Region

References

Support for published APIs at the backend service

APIs that are published in the API Gateway console can be configured at the backend service. APIs that are created within the same account or within different accounts can be called.

All regions

Call by API Gateway

API version comparison

Differences between the current version and an earlier version of an API can be checked.

All regions

Version management

Support for Function Compute as a backend service

API Gateway, which is developed based on cloud-native technologies, can communicate with Function Compute that provides an HTTP trigger over a VPC in simple configuration mode.

All regions

Use Function Compute as the backend service of an API operation

IP address whitelist and blacklist obtained based on the values of the X-Forwarded-For header

An IP address blacklist or whitelist can be configured based on the values of the X-Forwarded-For header. This feature applies to scenarios in which API Gateway connects to middleware such as Web Application Firewall (WAF).

All regions

Plug-ins of the IP Access Control type

Support for caching of filter conditions on the APIs page

Filter conditions on the APIs page can be retained to facilitate API management.

All regions

Feature

Description

Region

References

Cross-origin header

The cross-origin header origin:app://. is supported.

All regions

Implement CORS in API Gateway

Resource tags added to the console

Tags for all resources on API Gateway can be edited. Resources can be queried by tag, and permissions on resources can be granted by tag.

All regions

Use RAM to manage user permissions for API Gateway

DNS records of the TXT type used to verify the ownership of domain names

When domain names are bound to API groups, a Domain Name System (DNS) record of the TXT type can be added to verify the ownership of the domain names.

All regions

Bind a domain name to an API group

Optimized Swagger file import

Global variables can be configured. Global variables can be used to import native Swagger specifications to API Gateway for creating APIs.

All regions

Integrate API Gateway with a CI/CD process based on Swagger

Feature

Description

Region

References

Connection quota added for shared instances

For a shared instance, each user can use a maximum of 500 connections.

All regions

Limits

Default certificates supported for dedicated instances

Default certificates are supported for dedicated instances to improve the user experience on the client that does not support the server name indication (SNI) of an earlier version.

All regions

Bind a domain name to an API group

Overview page added to the console

The Overview page is added to show how to use the API Gateway console, plan API groups, and view API usage.

All regions

Feature

Description

Region

References

Dedicated instances supported by Alibaba Finance Cloud

Dedicated instances are supported by Alibaba Finance Cloud.

China East 1 Finance, China East 2 Finance, and China South 1 Finance

Optimized API Gateway SDK for Java

API Gateway SDK for Java is optimized. Parameters of the Array type are supported. Content-MD5 and X-Ca-Nonce headers can be configured not to be transmitted.

All regions

Access to the ID and IP address of VPCs

The ID and IP address of a VPC can be obtained when users access API Gateway over the VPC.

All regions

Plug-in binding on the API details page

Plug-ins can be bound and managed on the API details page.

All regions

Publishing or unpublishing multiple APIs at the same time

Multiple APIs can be published or unpublished at the same time in the API Gateway console.

All regions

Feature

Description

Region

References

Shared instances supported by Alibaba Finance Cloud

Shared instances are supported by Alibaba Finance Cloud.

China East 1 Finance, China East 2 Finance, and China South 1 Finance

Troubleshooting

The troubleshooting feature is provided for you to query logs and troubleshoot errors by request ID.

All regions

Troubleshooting

Log configuration for users of dedicated instances

Users who use dedicated instances are allowed to record business information in logs.

All regions

Use Log Service to manage logs of API calls

Pass Host Header parameter

The HOST headers of all APIs in an API group can be passed through to the backend service after you select Pass Host Header.

All regions

Trace logs added on the Debug API page

End-to-end logs for debugging can be queried by request ID.

All regions

Querying authorized APIs by API name

Authorized APIs can be queried by API name.

All regions

Support for deployment of dedicated instances in all regions outside the Chinese mainland

Dedicated instances can be deployed in all regions outside the Chinese mainland.

All regions