The latest release of the Akana API platform includes several updates and enhancements, including support for Java 17 to leverage the benefits of this JDK version and long-term support compliance. This release also addresses several known vulnerabilities across third-party libraries. See the release notes for more information.
MongoDB 7 Certification
Akana platform is now certified with MongoDB 7 for improved compatibility and performance.
Grid Service Optimization
The grid service will allow to bind on the specific IP addresses on a machine that are mentioned in the grid configuration.
Security Enhancements
- Additional safeguards are supported in various authentication flows for the Policy Manager console.
- JQuery and Bootstrap libraries used in the Community Manager out of the box landing page and customization samples have been updated.
For additional enhancements and fixes see the Release Notes.
OpenAPI Specification (OAS) Support Improvements
As part of this minor release, Akana implemented enhancements and bug fixes to improve OpenAPI Specification (OAS) support.
Improved $ref Handling
Expanded support for $ref references to requestBodies defined under components section, enabling better modularization definition of requestBody.
Enhanced OAS 3.1 Specification Support
Support has been added to download OAS 3.1 specification file and edit API from API details page. Along with this support has been added to display the discriminator details on API documentation and details page.
Default Edit Mode in API Designer
Akana now restricts API editing in API designer, to the original or creation version. This helps avoid any issues caused by the OAS version mismatch.
For additional enhancements and fixes refer to the Release Notes.
OAuth Client Policy Enhancements
Akana has introduced several enhancements to OAuth Client Policy.
Support for Private Key JWT Authentication
To enable more robust client authentication through asymmetric cryptography, the OAuth client policy now supports the Private Key JWT authentication technique.
Additional parameters support
The OAuth client policy now supports sending additional parameters in OAuth token requests, as required by the Authorization server. Additional parameters can be added to the token request header, form post, and private key JWT claim headers and claims.
OAuth Client Policy Caching
The OAuth client policy now allows you to specify when the token cache expires. This allows token caching to be based on the Authorization server's token expiry parameters. If no value is specified in the policy, the OAuth Client policy will calculate the token cache expiry based on the expires_in value returned in response to a token request. The updated settings will replace the admin console cache configuration in com.akana.policy.oauth.client section.
In addition to the above enhancements, POST will now be the only supported method for token requests, and the GET method disabled for security reasons.
For detailed instructions to update your OAuth Client policy configuration, see the OAuth Client Policy configuration documentation.
Support for Windows Server 2022
Akana now supports deployment on Windows Server 2022, ensuring compatibility with the latest Windows Server environments.
For additional enhancements and fixes refer the release notes.
FAPI 1.0 Advanced Profile Support
Akana OAuth provider now supports FAPI 1.0 Advanced Profile (FAPI), designed to meet the highest security and privacy requirements for financial-grade APIs.
Key Features:
- The Akana OAuth provider domain can be configured to comply with the FAPI profile by enabling the FAPI profile flag in the domain settings. Once enabled, the OAuth authorization and token endpoints will enforce stricter security requirements in line with the FAPI profile.
- The External OAuth provider domain such as PingFederate will also support FAPI profile compliance.
- The Akana OAuth policy will enforce additional validations on incoming access tokens in the API requests when the FAPI profile is enabled for corresponding Akana or External OAuth domains.
Review FAPI Support in the documentation to start using the FAPI feature support in Akana. Akana 2024.1.1 also includes bug fixes and security measures. Please check the release notes for other updates.
TLSv1.3 Support
Akana has added TLSv1.3 support in this release, enhancing the security, performance, and compatibility of our product. For enhanced compatibility both TLSv1.3 and TLSv1.2 protocols can be enabled for Akana inbound and outbound communication. Akana supports TLS_AES_256_GCM_SHA384, and TLS_AES_128_GCM_SHA256 and cipher suites for the TLSv1.3 protocol.
Please refer the “Enabling TLS v1.2 and v1.3” and “Limit outbound SSL/TLS/Cipher support” in the Akana Platform Hardening Guide for detailed steps to enable protocol.
Akana 2022.1.3.2 also includes bug fixes and security measures. Please check the release notes for other updates.
Key Enhancements and Features in 2024.1.0
Akana 2024.1.0 includes numerous upgrades and enhancements, including in-place container upgrades.
In-Place Container Upgrades
This release offers improved capabilities for in-place container upgrades. You can now easily apply cumulative upgrades to any Akana container.
To allow for a rollback of the upgrade, a snapshot of the container state is automatically created just before the upgrade is being applied. The container updates can be easily uninstalled using the rollback function, which restores the container to its state captured in the snapshot.
Apply and rollback functions can be executed through the container’s Admin Console or by using automation recipes. New recipes (named install-patch.json and rollback-patch.json) have been added.
In-place container upgrades (or rollback of these upgrades) are executed on a running container. The container will automatically be restarted once the upgrades have been successfully applied (or rolled back).
This feature is applicable to all Akana containers. Learn more in this video:
OpenAPI Specification 3.1 Support
Akana has added support for the OpenAPI Specification (OAS) 3.1. Key enhancements introduced along with this feature are:
- Creating and updating REST APIs using OAS 3.1 format.
- Downloading the OAS 3.1 API specification from an API.
- Validating the request and response for APIs using the HTTP Message Validation policy.
- Viewing the OAS 3.1 documentation with partial support for OAS 3.1 constructs.
- JSON Schema 2020-12 Compatibility.
- JSON schema type 'null'
- Discriminator property for oneOf, anyOf keywords
For other enhancements and bug fixes, see the release notes.
IAM authentication supported for Amazon RDS
Starting version 2022.1.2.10, Akana adds support for using AWS Identity and Access Management (IAM) authentication tokens when accessing Amazon RDS (Relational Database Service) instances. When the IAM feature is enabled on the Amazon RDS instance, Akana communicates with the RDS instance using the IAM token instead of traditional database credentials. Akana has certified this feature with MySQL and Aurora MySQL-compatible databases.
Please check release notes for other updates
2022.1.2.9
Oracle 23c support has been added.
Starting with version 2022.1.2.9, the Akana platform now supports Oracle 23c.
Added support configure additional parameters for OpenID Connect Relying Party Domain.
The OpenID Connect Relying Party Domain now allows the option to configure additional parameters required by the OIDC provider.
This feature allows Oracle Access Manager to be configured as the OIDC domain for single sign-on.
Please check release notes for other updates.