We're thrilled to announce the general availability of Kong Gateway Enterprise 3.6. This version brings security, efficiency, and standards conformance to enterprise applications. Plus, [Kong AI Gateway](https://konghq.com/products/kong-ai-gateway)Kong AI Gateway, which you can learn more about [here](https://konghq.com/blog/product-releases/announcing-kong-ai-gateway)here. Let’s dive into the enhancements and explore the tangible benefits these features bring your organization.
**mTLS client Authentication in OpenID Connect plugin**: With 3.6, you can now establish a [zero trust](https://konghq.com/blog/enterprise/what-is-zero-trust-security)zero trust architecture more effectively. By enabling mutual TLS (mTLS) client authentication, Kong Gateway ensures secure and trusted communication between your API gateway and Identity Providers. This enhancement not only bolsters your security posture, but also streamlines identity verification processes and enhances overall system reliability.
**AppRole Authentication for Hashicorp Vault**: Kong Gateway 3.6 introduces AppRole Authentication for Hashicorp Vault. AppRole Authentication is specifically designed for automated workflows. This feature complements existing Kubernetes authentication and client ID/secret authentication methods, offering a more robust and flexible approach to secrets management. The integration with Hashicorp Vault via AppRole streamlines access management, significantly reducing the time and effort required for secure operations.
**Expanded Consumer-Groups scoped plugins**: Building on the foundation set in version 3.4, Kong Gateway 3.6 release expands the range of plugins supporting Consumer Groups. This enhancement simplifies API ecosystem management by allowing better organization and categorization of consumers (which in the Kong configuration model represent API clients). The expansion of Consumer Groups to plugins like ACL, Proxy Cache, Rate Limiting, and more, translates into less overhead for developers and adherence to DRY (Don’t Repeat Yourself) principles, making your API management more efficient and less prone to errors. Less configuration is required when you group similar Kong Consumers into Consumer Groups.
**FIPS-Certified Kong Gateway Enterprise**: Achieving FIPS [certification](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=17535)certification demonstrates our commitment to high-security standards. The Kong Cryptographic Module v1.0.0, integral to Kong Gateway Enterprise 3.6, has been rigorously tested and validated under NIST’s Cryptographic Algorithm Validation Program (CAVP). This certification ensures that your data is protected by industry-approved cryptographic algorithms, providing peace of mind and meeting stringent compliance requirements.
**Detailed Performance Benchmarks**: Understanding the importance of performance in enterprise environments, we're releasing comprehensive benchmarks for Kong Gateway. These [benchmarks](https://docs.konghq.com/gateway/3.6.x/production/performance/performance-testing/)benchmarks, along with our testing methodology, offer clear insights into the performance capabilities of our gateway. Additionally, we're open-sourcing the entire testing framework on GitHub, fostering transparency and community collaboration.
Kong Gateway Enterprise 3.6 is more than just an update — it's a strategic enhancement to your enterprise's security, efficiency, and compliance posture. We're excited for you to experience these benefits firsthand and look forward to your feedback as we continue to innovate and lead in the API management space.
Begin your journey with Kong Gateway 3.6 by [signing up for Kong Konnect](https://konghq.com/products/kong-konnect/register)signing up for Kong Konnect for free!
If you’re interested in Kong Gateway Enterprise 3.6, you can download it for free [here](https://konghq.com/install)here. To explore the comprehensive list of features, fixes, and updates, please see the [Docs](https://docs.konghq.com/gateway/3.6.x/)Docs and the [CHANGELOG](https://docs.konghq.com/gateway/changelog/#3600)CHANGELOG.
Imagine you have a single Service, order-api . You want to apply a strict rate limit to most traffic, but you want to bypass that limit—or apply a different one—if the request contains a specific X-App-Priority: High header. Previously, you had t
[](https://konghq.com/blog/engineering/conditional-policy-execution)
How OAuth 2.0 Token Exchange Reshapes Trust Between Services — and Why the API Gateway Is Exactly the Right Place to Enforce It Modern applications don’t run as a single monolithic. They are composed of services — frontend APIs, backend microservi
[](https://konghq.com/blog/engineering/token-exchange-at-the-gateway)
Traditional APIs are, in a word, predictable. You know what you're getting: Compute costs that don't surprise you Traffic patterns that behave themselves Clean, well-defined request and response cycles AI APIs, especially anything that runs on LLMs
[](https://konghq.com/blog/engineering/monetize-ai-apis)
Unify the API and Eventing Developer Experience with the Kong Event Gateway and API Platform Introduction: The EDA and API worlds are converging . . . finally For the past several years, there have been murmurs of an incoming convergence between API
[](https://konghq.com/blog/enterprise/kafka-event-streaming-api-platform)
As of May 2024, Kong Gateway Enterprise 3.3.x.x will enter its End Of Life (EOL) phase and will no longer be a part of the full support cycle. Following this, Kong Gateway Enterprise 3.3.x.x will enter a 12-month sunset support period, exclusively f
[](https://konghq.com/blog/enterprise/kong-gateway-enterprise-3-3-x-x-eol)As of February 2024, Kong Gateway Enterprise 3.2.x.x will enter its End Of Life (EOL) phase and out of the full support cycle. Following this, Kong Gateway Enterprise 3.2.x.x will enter a 12-month sunset support period, exclusively focused on helpin
[](https://konghq.com/blog/enterprise/kong-gateway-enterprise-3-2-x-x-eol)
Power up application modernization and migration using Kong Gateway Enterprise and Amazon EKS Anywhere Bare Metal One of the most critical requirements for an Application Modernization project is to support workloads running on multiple platforms. I
[](https://konghq.com/blog/enterprise/kong-gateway-enterprise-amazon-eks-anywhere-bare-metal)