WSO2 Upgrades API Management with Enhanced AI Support and Kubernetes-Native Capabilities
- Sanjeewa Malalgoda
- Director - Engineering - WSO2
Today, WSO2 launched updates to the #1 open source API management platform for building and managing full lifecycle APIs with new releases of its core WSO2 API Manager offering and WSO2 API Platform for Kubernetes (WSO2 APK). At a time when AI adoption is skyrocketing and cloud native architectures are becoming the norm, WSO2 is focused on capabilities for managing artificial intelligence (AI) and third-party API consumption, alongside enhanced Kubernetes support and improved productivity and security features.
Our latest versions introduce a range of new features and improvements, focused on helping customers take full advantage of cloud native architectures, microservices, container-based deployments, and the rapid scaling of AI services. Additionally, WSO2API Manager offers continually evolving capabilities and features that allow customers to future-proof their IT infrastructure with enhanced security and access control, as well as improved API consumer and producer productivity.
We’re delighted to announce and detail the releases of WSO2 API Manager 4.4 and WSO2 APK 1.2.
Egress API Management and the AI API Economy
As organizations race to embed AI capabilities into their applications, the challenge of governing and managing AI and large language model (LLM) API consumption is critical. With these releases, we have introduced new Egress API Management for LLM/AI capabilities to support managing both internal and external AI services as APIs. Benefits of this new capability include:
AI/LLM Support: Developers can manage LLM/AI APIs as outbound (egress) APIs. Saving organizations time, hassle, and cost, WSO2 API Manager and WSO2 APK will also offer built-in support for a range of popular LLM service providers, including OpenAI, Mistral AI, and Azure OpenAI.
Comprehensive API Lifecycle Management: Egress AI APIs benefit from ongoing management from initial design and development to deployment and monitoring. This includes policy enforcement, monitoring, and eventual retirement. WSO2’s Egress API Management also ensures that AI APIs are secure, well-governed, and optimized for performance.
AI API-Specific Quality of Service: Enhanced monitoring and control with token-based rate limiting enable precise enforcement of usage limits tailored to AI API demands.
Figure 1: API Usage analytics across different AI providers and models
Figure 2: Overview of AI API-specific QoS
Flexible Deployment: Customers can tailor the implementation to their specific needs, deploying on either shared or dedicated gateways specifically for AI APIs.
This release represents WSO2's commitment to addressing not just current API management challenges but anticipating future needs. The new Egress API Management capabilities will extend beyond AI services to provide comprehensive governance for all third-party API consumption, helping organizations maintain control over external service usage and costs.
"With AI adoption accelerating across industries, organizations need robust control and visibility over their AI API consumption," says Christopher Davey, WSO2 vice president and general manager - API management. "Our latest release provides the governance and management capabilities essential for scaling AI operations responsibly. We’re also focused on the broader market trend related to egress API governance. Egress is about consumption of third-party capabilities and utilizing them to improve your business internally or enhance the solutions you provide. Some of these API services can benefit from more specialized management and governance.”
Enhanced Kubernetes-Native Support
As microservices continue to proliferate, WSO2 has significantly expanded its Kubernetes-native capabilities. Overall, these enhancements simplify the process of creating, deploying, and securing APIs within a distributed architecture — all of which creates a better experience for developers and engineers building microservice architectures.
Updated WSO2 API Microgateway for WSO2 API Manager 4.4: WSO2 API Microgateway has been updated to work with the latest version of WSO2 API Manager in response to customer and market demand for enhanced scalability while maintaining extreme governance, reliability, and security. WSO2 API Microgateway can run in isolation with no dependencies on other components, allowing it to run in air-gapped environments. The continued support of WSO2 API Microgateway will help organizations maintain seamless operations while taking advantage of our latest gateway technology advancements. Users will now have the choice to deploy the best gateway for their specific use case, on-premises, in the cloud, or in hybrid environments.
gRPC Support: The APK Gateway in WSO2 APK now includes support for gRPC APIs. gRPC is an open-source, high-performance protocol using Protocol Buffers (protobufs) for defining service interfaces and data structure serialization, making it faster and more efficient compared to traditional REST APIs. By aligning with the Kubernetes Gateway API specification (gRPC Route support), this enhancement improves integration with Kubernetes environments and provides greater control over gRPC services for developers and engineers building microservices architectures.
Enhanced Traffic Management with Key Filters: The APK Gateway also now supports new key filters aligned with Kubernetes Gateway API standards, enhancing traffic management and control. This update provides more flexibility and precision in routing and transforming HTTP traffic, resulting in efficient traffic management, and a better experience for developers.
Improved API Consumer and Producer Productivity
The release brings several features designed to boost both API consumer and producer productivity. These improvements allow organizations to update the business plans associated with existing API subscriptions via both API calls and dynamic adjustment of subscription terms and conditions based on their evolving business needs, without disrupting existing consumer relationships.
Subscription Rate Limit Support: This enhancement to WSO2 APK — already a standard feature of WSO2 API Manager — allows API providers to define and enforce usage quotas and limits for API consumers, so they can subscribe to specific tiers with allocated API request limits. By introducing subscription-level rate limiting to the APK Gateway, businesses can better manage API consumption, implement effective monetization strategies, and provide tailored service levels to different consumer groups, enhancing both control and revenue generation.
API Specification Full Content Search: Previously, API searches in WSO2 API Manager were limited to descriptions, tags, and other user-provided data, making it difficult to find APIs based on the content of these definition files. The emphasis is the ability to search beyond surface-level information and delve into the core content of APIs. This enhancement to WSO2 API Manager responds to customer requests for better search functionality, improving API discoverability and usability within the platform.
Enhanced Security and Access Control
Security is always a priority for WSO2’s API management platform. New features in these releases are:
Improvements to Client-Side MTLS Authentication: API consumers can now connect with distinct security levels for production and sandbox environments, allowing flexible use of separate certificates and tailored security policies to meet specific compliance requirements. This enhancement is available in the newest release of the WSO2 API Manager control plane, which can also manage WSO2 APK data planes.
Personal Access Tokens: WSO2 API Manager now offers personal access token (PAT) support. A PAT is a secure, time-limited authentication method used to access systems, APIs, or services without needing to expose a username and password. Often used in continuous integration/continuous delivery (CI/CD) pipelines, automated scripts, or local development environments, PATs act as a substitute for a password and are typically used in scenarios where applications, scripts, or integrations need to authenticate to services like version control systems (e.g., GitHub, GitLab) or API endpoints.
Availability and Learn More
The updated WSO2 API Manager and WSO2 API Platform for Kubernetes are available immediately. If you have any questions, please feel free to contact us here.
- Download the latest version of WSO2 API Manager 4.4
- Download the latest version of WSO2 APK 1.2
- Download the latest version of WSO2 API Microgateway
- Get started today and read the technical documentation for WSO2 API Manager 4.4 and WSO2 APK 1.2
About WSO2
WSO2 delivers the leading open-source API management platform, empowering organizations worldwide to build, manage, and secure their API infrastructure. Our API management products now execute 60 trillion-plus transactions each year. Our comprehensive suite of products helps businesses accelerate their digital transformation journey while maintaining enterprise-grade security and governance.