
KrakenD CE v2.5 released: multiple POSTs opened

by Albert Lombarte

Hey KrakenD enthusiasts,

We’ve got some exciting news for you – KrakenD v2.5 is here, packed with features that take simplicity to a whole new level while tackling complex challenges head-on. Let’s dive right into the key updates that make this release worth upgrading:

Multiple POSTs

When we created the aggregation feature seven years ago, we considered it too dangerous for our users to open the door to allow aggregation and sequential calls to write data to multiple targets from a single API call. Therefore, you might have felt restricted when dealing with numerous POSTs and other unsafe methods.

With KrakenD v2.5, we have revisited this ancient determination, and now there is no limit to the number of write operations you can do in a single endpoint. What we did here is to shift the responsibility to you, the developer, because you know better than anyone else if this pattern is something you can afford.

We still firmly believe that doing distributed transactions in the API gateway is a bad idea, but we have also seen (especially in legacy systems) that you have to play with what you have. Sometimes, methods are unsafe, but the operations underneath them are not. How many old APIs have you seen that use a POST verb to perform a SELECT in a database?

With this version, you can now:

  • Add multiple POST, DELETE, PUT, or PATCH entries in a single endpoint
  • Use sequential calls with unsafe methods.

As seen in Spider-Man comics and movies: with great power, there must also come great responsibility.
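As an added example (not from the post or from KrakenD's own configuration), this endpoint chains two POSTs with the sequential proxy; the hosts, paths and the `id` field in the first response are assumed. The caveat the post alludes to is visible here: if the second call fails, the first write has already happened and the gateway cannot roll it back.

```json
{
  "version": 3,
  "endpoints": [
    {
      "@comment": "Two write operations from a single client request (allowed since v2.5)",
      "endpoint": "/orders",
      "method": "POST",
      "output_encoding": "json",
      "extra_config": {
        "proxy": { "sequential": true }
      },
      "backend": [
        {
          "@comment": "Step 1: create the order. Host, path and the response field 'id' are assumed.",
          "host": ["http://orders.internal:8080"],
          "url_pattern": "/v1/orders",
          "method": "POST",
          "encoding": "json"
        },
        {
          "@comment": "Step 2 runs only if step 1 succeeded; {resp0_id} is the 'id' from the first response. A failure here leaves step 1 committed.",
          "host": ["http://audit.internal:8080"],
          "url_pattern": "/v1/audit/{resp0_id}",
          "method": "POST",
          "encoding": "json"
        }
      ]
    }
  ]
}
```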

Restrict the service to a specific IP

Now, you can dictate which IP your service listens to. So far, KrakenD listened to all interfaces (0.0.0.0). The new listen_ip field lets you restrict the service to a specific IP (v4 and v6 formats accepted), putting you in control of your network configurations.

Connect to backends using mTLS

Security is non-negotiable. Complementing the previously existing Service mTLS where your clients had to provide a certificate in business-to-business (B2B) applications, you can now configure Client mTLS options to establish secure connections from KrakenD to your backends more securely.
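An added configuration example, not taken from the post or from KrakenD's documentation, that combines the two options above: the service listens on one interface only, and every backend connection presents a client certificate. The `client_tls` field names are assumed from the v2.5 documentation, and the certificate paths, IP and hosts are placeholders.

```json
{
  "version": 3,
  "port": 8080,
  "listen_ip": "10.0.0.12",
  "client_tls": {
    "@comment": "Client mTLS from KrakenD to its backends. Keep allow_insecure_connections false so the backend certificate is still verified.",
    "allow_insecure_connections": false,
    "ca_certs": ["/etc/krakend/certs/backend-ca.pem"],
    "client_certs": [
      {
        "certificate": "/etc/krakend/certs/gateway.crt",
        "private_key": "/etc/krakend/certs/gateway.key"
      }
    ],
    "min_version": "TLS12"
  },
  "endpoints": [
    {
      "endpoint": "/accounts",
      "backend": [
        {
          "@comment": "Backend must be reached over https for the client certificate to be presented. Host is assumed.",
          "host": ["https://accounts.internal:8443"],
          "url_pattern": "/v1/accounts"
        }
      ]
    }
  ]
}
```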

More granular filtering of query strings

The new release brings a second level input_query_strings in the backend section, which allows you to apply a second round of query string filtering. You might need to pass a few query strings in your endpoint, but not all backends need to receive all of them. You can now do configurations like this:

{
    "endpoint": "/letters",
    "input_query_strings": ["a","b","c","d"],
    "backend": [
        {
            "url_pattern": "/vowels",
            "input_query_strings": ["a"]
        },
        {
            "url_pattern": "/consonants",
            "input_query_strings": ["b","c","d"]
        }
    ]
}

One-step Flexible Configuration and linting

Using the Flexible Configuration together with the check command no longer requires you to set FC_OUT in order to apply --lint, saving one step in all pipelines.

Empowering Custom Plugins

We believe in giving you control. Custom plugins (both server and client) will now receive the Service Go Context, allowing you to gracefully handle services started by the plugin when the gateway shuts down.

More Identity Servers

Identity servers returning Content-Type: application/jwk-set+json are now seamlessly accepted without doing any extra configuration, expanding the horizon of possibilities for your authentication mechanisms.

Ironing Out the Wrinkles

KrakenD v2.5 doesn’t just bring new features; it also addresses previous quirks. Race conditions on global JWK URL keys cache? Fixed. Rate limit eviction resetting on very large time settings? No more. We’re committed to delivering a smoother experience.

Upgrade now and experience the power of simplicity with KrakenD v2.5. We’re engineering solutions for your complex problems, one release at a time.

🚀 Summary of changes for CE v2.5

The v2.5 binary allows multiple POSTs both inside and outside sequential calls, restricts service listening to a specific IP, and improves JWT and AMQP.

  • Endpoints with multiple POSTs are now possible. The restriction to work with multiple unsafe methods is now removed.
  • Added new attribute static_routing_key on AMQP consumers (thanks to Georgios Chronis).
  • The new field listen_ip can now restrict the service to listen to a specific IP.
  • You can now configure mTLS options globally to connect to your backends.
  • Added a second level input_query_strings in the backend section.
  • The Flexible Configuration and the --lint flag of check can now work in a single step.
  • Your custom plugins (server and client) will now receive the Service Go Context, so you can cancel services started by the plugin when the gateway shuts down.
  • Identity servers returning Content-Type: application/jwk-set+json in their jwk_url are now accepted.
  • Fixed: when defining a custom router section, the default settings for remote_ip_headers were reset.
  • Fixed: the rate limit eviction was resetting on very large time settings.
  • Fixed race conditions on the global JWK URL keys cache.
  • Requests with method OPTIONS (CORS module) over HTTP/2 without an HTTP/1.1 Upgrade returned a 405 status code instead of 204 when the use_h2c flag was enabled (thanks to @anivanovic).
  • The propagate_claims attribute for JWT claims sets now to blank those headers with missing values, and does not allow the user to override via custom headers.
  • The flag router.use_h2c has moved to the root level as use_h2c, and its usage inside the router is marked as deprecated.

Upgrading to the latest version is always advised.
