wso2/product-apim v4.7.0

WSO2 API Manager 4.7.0 Released!

on GitHub

WSO2 is pleased to announce the release of WSO2 API Manager 4.7.0.

It's now available to download.

Distribution

You can download API Manager 4.7.0 from here.

• wso2am-4.7.0

How to run

Run locally

(Skip steps 1 and 2 if JDK 21 is already setup on your environment)

1. Install Java SE Development Kit (JDK) version 21.
2. Set the JAVA_HOME environment variable. For more information on setting the JAVA_HOME environment variable for different operating systems refer the steps in our documentation.
3. Extract the downloaded zip file.
4. Go to the bin directory in the extracted folder.
5. Run the api-manager.sh file if you are on a Linux/Mac OS or run the api-manager.bat file if you are on a Windows OS.

Other Distributions

API Manager 4.7.0 offers specialized runtime distributions for flexible deployments.

• API Control Plane
  Manage design, lifecycle, and governance of APIs at scale
  Download

• Traffic Manager
  Handle high-volume API traffic with advanced policy enforcement and rate limiting
  Download

• Universal Gateway
  Secure and manage API traffic with scalable, enterprise-grade gateway capabilities
  Download

• API Platform Gateway
  New lightweight, self-hosted gateway for high-performance API traffic management
  Download

Refer the documentation to learn more about the component distributions

New Features

• API Platform Gateway Integration
• Support for Multiple Client Secrets in OAuth Applications
• AsyncAPI 3.0.x Specification Support
• MCP Governance
• MCP-Aware Analytics
• Asgardeo Key Manager Support
• Semantic Tool Filtering Guardrail
• Multi-Model Routing: Semantic Routing and Intelligent Routing

Improvements

• Build and Runtime Compatibility with JDK 21
• Optimized Token Generation by Disabling JWT Persistence by Default
• Enhanced SOAP API Experience in the Developer Portal
• Admin-Defined Constraints for Key Manager Application Validation

Key Changes

• API Key Model Updated to API-Bound Keys by Default
• Default Encryption Mechanism Updated to Symmetric Encryption
• Token Persistence Disabled by Default
• Default-Deny Resource Access Control
• UTF-8 Enabled by Default

Fixed Issues

See details of all the changes including improvements, and bug fixes in this release.

Known Issues

All the open issues pertaining to WSO2 API Manager-4.7.0 are reported here.

How To Contribute

Your feedback is most welcome!

Community

You can use our Discord Channel and Stack Overflow Collective to engage with the wider audience https://wso2.com/community/

Reporting Issues

We encourage you to report issues, improvements, and feature requests through WSO2 API Manager GIT Issues.

Important: Do not report security issues via GitHub. For proper handling and confidentiality, report all security issues directly to security@wso2.com. We strongly advise following the WSO2 Security Vulnerability Reporting Guidelines when reporting security issues.

~ WSO2 API Manager Team ~