In token-based architecture, tokens represent the client’s entitlement to access protected resources. Access tokens (or bearer tokens as they're commonly known) are issued by authorization servers after successful user authentication. The tokens are passed as credentials in the request to the…
[](/blog/engineering/mtls-sender-constrained-tokens)
Kong Gateway Enterprise 3.5 is packed with security features to support the use cases demanded by our enterprise customers through major improvements in Secrets Management integrations and our Open-ID Connect (OIDC) plugin. Additionally, we’ve added key security updates for a few of our AWS…
[](/blog/product-releases/kong-gateway-enterprise-3-5)
We’re excited to announce the general availability of Kong Gateway 3.5 for Open Source (OSS). This release enables Javascript developers to extend the Gateway via the WebAssembly layer which is currently in Beta, delivers some enormous observability enhancements, and unlocks top-end performance.…
[](/blog/product-releases/kong-gateway-3-5)
APIs have become a crucial part of modern software architecture, allowing different applications and services to communicate with each other. As organizations adopt microservices and distribute their systems, they require a cohesive API platform to manage these complex environments. In this blog…
[](/blog/enterprise/modern-api-platform-principles)
Kong is expanding its global footprint with a new joint venture in Japan. In partnership with Japan Cloud — a Tokyo-based consultancy that helps high-growth cloud companies to succeed in Japan — Kong is establishing a local subsidiary in Tokyo to accelerate growth in the Japanese market. Japan…
[](/blog/news/kong-and-japan-cloud)
The Kubernetes Gateway API represents a massive collaborative effort and key advancement in Kubernetes networking. Developed by multiple vendors and community members, the Gateway API provides a robust and extensible new standard for managing ingress traffic. With the recent general availability of…
[](/blog/engineering/kubernetes-gateway-api-engineering-perspective)
We are excited to announce the latest minor release of Kuma 2.5.0. We’re in the last stride of publishing this release, but I believe the features we’re landing are important enough to start teasing you about it. Let’s focus on three main features: Kong recently launched Kong Mesh Manager , the…
[](/blog/product-releases/kuma-2-5)
In the Kubernetes world, the Ingress API has been the longstanding staple for getting access to your Services from outside your cluster network. Ingress has served us well over the years and can be found present in several dozen different implementations, but as time has passed and Kubernetes has…
[](/blog/engineering/gateway-api-from-early-years-to-ga)
Kubernetes took the world by storm in 2014. A CLI-first experience, containers as a first-class citizen, and a need to dynamically scale workloads meant that Kubernetes was the right choice for many teams moving to the cloud. By late 2015, the community realized that there needed to be a standard…
[](/blog/product-releases/gateway-api)
Over the last ten years, Kongers have witnessed hundreds of companies adopting a full lifecycle API management platform and have been working with the people behind the scenes, the “API tribes.” We’ve also learned from the field that API tribes most often have to deal with heterogeneous platforms,…
[](/blog/enterprise/api-gateway-service-mesh-and-zero-trust)
Whether ordering groceries online, checking your bank balance, or tracking a delivery, APIs are behind the scenes making it all possible. They're the backbone of the digital experiences that drive our interconnected global economy. You may know that. But beyond the convenient (and sometimes…
[](/blog/enterprise/the-economic-impact-of-apis)
Imagine this: You're documenting an unreleased feature, and your documentation requires screenshots. However, you're working in an internal environment that includes features you don't want to reveal to the public. What do you do? We faced this exact situation during the API Summit release when we…
[](/blog/engineering/docs-as-code-screenshot-automation)
Modern software design relies heavily on distributed systems architecture, requiring all APIs to be robust and secure. GraphQL is no exception and is commonly served over HTTP, subjecting it to the same management concerns as any REST-based API. In fact, GraphQL’s dynamic client querying…
[](/blog/engineering/governing-graphql-apis-with-kong-gateway)
Everyone’s talking AI — or artificial intelligence. But much of that talk falls into one of two extremes: AI will fix everything or AI will ruin everything. But let’s set aside hyperbolic ideas of AI as a silver bullet for all humanity's potential woes (or darkest timeline visions of Skynet) and…
[](/blog/enterprise/ai-in-the-enterprise)
With Kong Insomnia 8.3 ( available today ) we’ve brought back 100% local storage with no cloud synchronization for your projects, while at the same time keeping the same workflow for users who want to collaborate in the cloud. To start using Local Vault, get started for free with Insomnia. This…
[](/blog/product-releases/insomnia-8-3)Secure your AI infrastructure with prompt guards, PII sanitization, and centralized governance. Control LLM costs with token-based rate limiting and semantic routing across providers.