API Gateway
23 Release Notes
Support for multi-level claim extraction from id_token and access_token
You can now extract custom claims from the id_token and access_token tokens used during the OpenID Connect flow, a method ...
Support for logout back ends
You can now define a logout back end in an API deployment specification, for use with an OAuth 2.0 token ...
Support for OAuth 2.0 and OpenID Connect
You can now create API gateways that validate a JWT or non-JWT authentication token with the OAuth 2.0 introspection endpoint ...
Support for multi-argument authorizer functions and access tokens
You can now use multi-argument authorizer functions for authentication and authorization. A multi-argument authorizer function accepts a user-defined, multi-argument access ...
Support for multiple back ends, and dynamic back end selection
You can now define multiple back ends for the same API deployment, so that requests sent to the same API ...
Support for multiple authentication servers for the same API deployment
You can now define multiple authentication servers for the same API deployment. The authentication servers you set up can be ...
Usage plans to manage subscriber access to APIs
You can now create usage plans and subscribers to monitor and manage API access.
Usage plans enable you to ...
Support for HTTP/2
API clients can now communicate with API gateways over HTTP/2.
For more information see API Providers, API Consumers, API ...
Support for customizing API gateway trust stores
You can now customize the trust store that an API gateway uses to verify TLS certificates by adding the root ...
Support for API client validation using mTLS
You can now specify that an API gateway verifies the TLS certificates presented by API clients to ensure that only ...
Integrated with the Oracle Cloud Infrastructure Certificates service
API Gateway now uses the OCI Certificates service to manage TLS certificates and Certificate Authorities. When creating or updating a ...
API Gateway Support for Network Security Groups (NSGs)
You can now control network access to and from API gateways using security rules defined for one or more network ...
Increased Size Limits for Responses and Requests
API Gateway request and response limits have been increased:
- Stock response body size limit is now 20 MB ...
Support for Response Caching
You can now enable and configure response caching for API gateways to improve performance and reduce load on back-end services. ...
Support for Request Validation
To prevent invalid requests being sent to back-end services unnecessarily, you can now use an API gateway to validate incoming ...
Support for SDK Generation from API Descriptions
With the API Gateway service, you can now generate SDKs (Software Development Kits) based on API resources. You can generate ...
New Services available in US Government Cloud
The following services and features are now available in US Government Cloud regions:
- API Gateway
- Cloud Shell ...
Support for OpenAPI (previously Swagger) API Descriptions
You can now create an API resource based on an API description that you have uploaded from a file written ...
Support for Custom Domains and TLS Certificates
You can now create an API gateway with the custom domain name that you specify when you request a custom ...
Logging is now available
The Oracle Cloud Infrastructure Logging service is a highly scalable and fully managed single pane of glass for all the logs ...
Support for Request and Response Transformation
You can now use request and response policies to transform the headers and query parameters of incoming requests, and the ...
Native support for JSON Web Tokens (JWTs)
You can now control access to APIs you deploy to API gateways using JSON Web Tokens (JWTs), without having to ...
API Gateway is now available
With the introduction of the API Gateway service, you can create protected RESTful API endpoints for Oracle Functions, Container Engine ...