API Management

Apigee Edge Private Cloud 17.01 Is Here!

We’re excited to announce the general availability of Apigee Edge for Private Cloud 17.01. This release includes several features that help you better control and secure your APIs, standardize deployment, enable reusability of existing infrastructure components, and make it easy to manage developer apps.

Shared flows and flow hooks

Shared flows let you operationalize functionality in API proxies. By combining conditionalized policies and resources into a shared flow, you can reference the shared flow from any API proxy to execute single-source, reusable logic. For example, a shared flow might verify the API key, protect against spike arrests, and log data.


Flow hooks let you attach these shared flows at key enforcement points (pre-proxy, pre-target, post-target and post-proxy) within the API proxy lifecycle. This make is easy to enforce some common compliance and security requirements such as OAuth, threat protection, traffic management, and logging across all API traffic without having to rely on the API developer to do that in each and every proxy. See additional details about this feature here.

Encrypted key value maps

Key value maps (KVMs), which were already an Edge feature for long-term persistence of key-value pairs, can now be encrypted for stronger data security. You can now store service accounts, system credentials, or any secure information to access third-party APIs.

Encrypted KVMs are encrypted with an Apigee-generated AES-128 cipher key. Just like regular KVMs, encrypted KVMs are scoped. They can be scoped at the “organization,” “environment,” or “apiproxy” level.


Multi-data center API BaaS

API BaaS provides developers with access to a flexible data store and enables you to quickly integrate valuable features into your app, including social graphs, user management, data storage, push notifications, performance monitoring, and more.

In the past you could only install API BaaS in a single data center. With this release, API BaaS can be deployed in multiple data centers. Any data collection that is created automatically gets replicated across the different data centers. With this, BaaS can be supported in a active-active configuration and provides higher levels of availability.

RPM-based install for the developer portal

In previous releases you had to download and install the developer portal from a tarball. But now the Developer Services portal is installed from RPMs, using the same repo and tools as Edge and API BaaS. This means the admins can use  the same process for deploying the developer portal as they use for installing rest of the Edge components. It makes for a seamless installation experience.

Fewer components

The Developer Services portal now uses Postgres (used for analytics) as its database and Nginx (used as a router) as its web server. Customers upgrading to 4.17.01 from a previous version continue to use MySQL or MariaDB (for all new installations, the portal uses Postgres as its database instead of MySQL and MariaDB). New installations also install Nginx as the web server. Customers upgrading to 4.17.01 from a previous version continue to use Apache.

Developer apps

Developer app management in the Edge UI has gotten more powerful, thanks to several enhancements. You can revoke and approve apps (in edit mode) in a new "App Status" field. API key expiry dates are now shown on the Developer App Details page, and keys are organized by expiry dates in a "Credentials" section. Additionally, you can generate API keys with specific expiration times or dates (or with no expiration).

Other improvements

  • You can now display a consent banner when a user first accesses the Edge UI. The consent banner displays HTML-formatted text and a button that the user selects to proceed to the log-in screen.
  • We have updated versions of Cassandra and Qpid.
  • When you create a "pass-through SOAP" proxy based on a WSDL, Edge hosts the WSDL and creates a flow in the proxy to let you access it. You can access the hosted WSDL at http(s)://[edge_domain]/[proxy_base_path]?wsdl, which is the new service endpoint URL for clients calling the SOAP service through the proxy.
  • We added “data for average transactions per second” (average TPS) to the main proxy traffic dashboard. In addition, when you hover over individual data points on the proxy traffic and proxy performance charts, TPS for that time interval is displayed in the tooltip.
  • This release also contains a bunch of bug fixes. Some examples include “Intermittent errors (such as SNI errors) on JavaScript service callouts,” “Invalid URL parsing returns a 500 status with ApplicationNotFound,” “SOAP WSDL passthrough operation name issue,” and “Error in creating node.js API Proxy when Enable Cors option is selected.”

How to upgrade

We strongly encourage customers to upgrade to this new release as soon as possible. You can update Apigee Edge version to 4.17.01. If you have a version of Edge previous to version 4.16.01, then you must first migrate to version 4.16.01.x and then update to version 4.17.01.

Hope you’re as excited as we are about this new release. There’s a lot more to share than what can fit in here; additional details can be found in our release notes. We strongly encourage customers to try out these new features, ask questions, and provide feedback on the Apigee Community.