Skip to main content
Feedback

API Management Release Notes for March 2026

note

All API Control Plane features and fixes listed for the March Platform release will be available on March 28, 2026.

Platform Release

March 14 2026

API Control Plane

New
We added these features
  • API gateway agents for Boomi Cloud API Management environments are now automatically provisioned, registered, and managed by Boomi. With this enhancement, there is no longer a need to manually install or configure agent Docker containers. (ACP-1244)
note

With this release, there are no changes to the standalone/Docker API Control Plane agents for discovering Cloud API Management services. Standalone/Docker and automatically provisioned environments will co-exist, but the ability to create standalone/Docker API Control Plane agents for discovering Cloud API Management services will be retired in six months. It is recommended to remove standalone agents before retirement.

  • You can now package APIs from different gateway vendors into the same API Product and present them in the Developer Portal as one unified API Product. (ACP-2699, ACP-2696)
  • Made the following improvements to the Swagger Try-It-Out feature in Developer and Administration Portals:
    • You can now test APIs against multiple gateway environments, including non-production environments. (ACP-2359)
    • Added the ability to generate a code snippet from a request in the following languages: C#, Java, Go, NodeJs, Python, and Swift. (ACP-3094)
  • Added the ability to allow subscriptions to non-production APIs in Developer Portals. (ACP-2380, ACP-2360)
  • Enhanced security for Cloud API Management API Products. When you create a Cloud API Management API Product in API Control Plane and subscribe to it, a 64-character API package key and secret is generated in Cloud API Management. Previously, this key was 24 characters long with no secret. (ACP-3119)
Fix
We fixed this issue
  • If the authorization header parameter was provided in the Swagger UI and an API call was executed, the header value was not included in the HTTP request. (ACP-2601)

API Gateway

New
We added these features

  • Improved OpenAPI specification generation to include meaningful operation IDs (using endpoint names), comprehensive rate limiting documentation, CORS policy definitions, and enhanced input validation schemas to increase the security and quality scores of deployed APIs. (APIM-18371)

  • Implemented a robust encryption/decryption framework for OpenTelemetry configuration headers to secure credentials, such as API keys and tokens, against plain-text storage or transmission. Additionally, the API Gateway now supports independent endpoint routing for observability. You can now override individual endpoints to simultaneously deliver traces, metrics, and logs to different specialized observability platforms, rather than being restricted to a single destination for all data types. (APIM-18377)

  • Introduced an optional caching capability to the HTTP Callout policy. This allows the API Gateway to cache callout requests, limiting the number of calls to the external endpoint. This enhancement significantly reduces API latency, decreases the load on external services, and improves overall system resilience and performance. (APIM-19059)

On this Page