WSO2 API Microgateway 3.0.0 (WSO2 MGW 300) is the successor of the API Microgateway component in WSO2 API Manager 2.6.0. For more information on WSO2 API Microgateway, see the overview and go to the product page on WSO2 API Microgateway on the WSO2 website.
- Developer first approach
The developer first approach allows developers to work with APIs from open API definitions without needing to create APIs on a separate API Management system. For more information, see Adding an API Using an OpenAPI Definition.
Ability to define per resource endpoints
This allows each HTTP resource of an API to have different micro service backends.
WSO2 API Microgateway supports HTTP/2 together with HTTP/1.1 as the incoming and outgoing transport protocol. For more information, see HTTP 2.0.
Mutual SSL based authentication
WSO2 API Microgateway supports Mutual SSL and thereby allows a client to make a request without user credentials, namely the username and password, provided that the server already knows the client's certificate. For more information, see Certificate Based Authentication - Mutual SSL.
Configuration based Basic Authentication support
WSO2 API Microgateway supports Basic Authentication for APIs from files or configurations that are based on user stores. For more information, see Basic Authentication.
Response and request schema validation
WSO2 API Microgateway supports schema validation based on the open API definitions. For more information, see API Schema Validation.
Service discovery with etcd
WSO2 API Microgateway connects with the etcd server to dynamically discover the backend services. For more information, see Service Discovery.
WSO2 API Microgateway applies global throttling by connecting WSO2 Traffic Manager, which is one of the main components of WSO2 API Manager. For more information, see Distributed Throttling.
Request and Response Transformations
WSO2 API Microgateway supports on the fly request transformations and mediations with custom Ballerina core.
API/Resource level throttling
WSO2 API Microgateway has the ability to specify the request count based on throttling to the API level and/or the API HTTP resource level. For more information, see Rate Limiting.
WSO2 API Microgateway possesses a Real-time Notifier and a Persistent Notifier in order to identify revoked JWT tokens and thereby, seamlessly support JWT Token revocation. For more information, see JWT Token Revocation.
What has changed in this release
Separate microgateway runtime and toolkit
In this release, the runtime has been separated from the toolkit. Thereby, now there are separate binary distributions and Docker images for WSO2 Microgateway Toolkit and WSO2 Microgateway Runtime.
Decoupling of WSO2 API Manager from WSO2 API Microgateway
APIs can be directly created from OpenAPI definitions without needing to use WSO2 API Manager. Thereby, there is no design time coupling with WSO2 API Manager.
New project structure
WSO2 API Microgateway has a new project structure and
initcommand to initialize projects using WSO2 Microgateway Toolkit. For more information, see API Microgateway Project Directory.
Change in the CLI command
The CLI command for WSO2 API Microgateway has changed from
importin order to import APIs from WSO2 API Manager to WSO2 API Microgateway.
Introduction of the
policy.yamlfile has been introduced so custom throttle policies can be defined in the Microgateway project. Policies are not fetched from WSO2 API Manager's Admin Portal as opposed to previous versions. Therefore, only the policies that are defined in the config file will be available.