API Management Release Notes for July 2026
API Control Plane
Features and fixes are not available in the runtime release unless noted otherwise.
-
You can now set a custom domain for Boomi-managed developer portals. You can provide your own SSL certificate or use a Boomi certificate component. (ACP-2652)
noteIf you are using a Subject Alternative Name (SAN) certificate, you must import it via the UI. It cannot be imported via the API at this time.
-
Added multi-version specification management, so now an API can have multiple specification versions. Previously, discovery would override the specification with the latest version. Now, all versions are displayed in the dedicated Versions page. (ACP-4230)
-
Added per-organization visibility for MCP servers in the developer portal. This allows each organization to see only the MCP servers assigned to it, keeping the developer portal scoped to what's relevant for a specific group. (ACP-4121)
-
Added the ability to filter out local servers/MCP servers on the MCP Registry API endpoint that use STDIO transport and servers that are distributed via package management software. (ACP-4144)
- API Control Plane could not discover deployed APIs on accounts that did not have the API Lifecycle feature enabled. (ACP-4170)
- Self-hosted developer portals had CORS errors when trying to access the
/devPortalsquery endpoint. (ACP-4175) - When deleting an API Product, the system deleted only the latest version of an API Product, and other versions remained in the MCP Registry. (ACP-4161)
- The MCP Servers menu option did not display in a developer portal when the visibility setting was set to Everyone. (ACP-4377)
- If the description for an MCP server was updated, the changes were not reflected on all pages within the MCP Registry. (ACP-4162)
API Gateway
- Added HMAC Authentication policy support to Boomi API Management Gateway. You can now configure, attach, and validate HMAC signatures for inbound API traffic directly through the API Gateway Manage APIs page. (APIM-18605)
