This release introduces powerful new features for API management including internal route invocation and improved authentication policies.
Breaking Changes 🛠#
- Removed the deprecated Aserto authorization policy due to Aserto shutting down. If you're currently using this policy, please migrate to an alternative authorization solution.
New Features 🎉#
-
Internal Route Invocation: Added
context.invokeRoutecapability that allows you to internally invoke a route without making an external HTTP request. This enables more efficient internal API calls and better performance for complex routing scenarios. -
Enhanced Client IP Parsing: Improved parsing of client IP addresses from the X-Forwarded-For header, providing more accurate client identification for rate limiting and analytics.
-
CLI Log Verbosity Control: Added a new flag to control log verbosity levels in the Zuplo CLI, making debugging and troubleshooting easier during local development.
-
Custom Domain Aliases: Introduced support for custom domain aliases, allowing you to map multiple domains to a single API deployment for more flexible domain management.
-
Web Bot Authentication: New policy for authenticating and managing web bot traffic, helping you control automated access to your APIs. See the policy docs for more details
-
API Key Management Enhancement: You can now delete the default API key, providing more flexibility in API key lifecycle management. See documentation
Bug Fixes 🐛#
- Fixed an issue that prevented changing deployments for custom domains.
- Increased the body size limit on GitHub webhooks to support larger payloads.
- Enhanced error handling in mock API policy to support single example responses.
Documentation 📚#
- Updated documentation for the Auth0 JWT authentication policy.