Kong Gateway 3.14: More Control, Less Toil With Simplified Security and Policies

Kong Gateway 3.14 addresses complex API platform challenges by introducing several key features to enhance infrastructure configuration, security, and observability without custom code. The update introduces conditional plugin execution, allowing users to specify conditions for plugin activation, reducing maintenance complexity and enhancing control over API traffic. It also adds JWT nodes for Datakit, enabling complex authentication workflows without code, and enhances WebSocket security with native OIDC and mTLS authentication, providing consistent security across HTTP and WebSocket traffic. Additionally, the new OpenID Token Exchange feature supports token transformation at the gateway level, mitigating security risks associated with token forwarding in microservices. Enhanced cloud-native authentication across AWS, Azure, and GCP improves security posture by eliminating static credentials. The introduction of the OpenMeter Plugin enables real-time metering and billing at the gateway, facilitating precise control over API and AI traffic usage. These innovations help platform teams focus on building robust infrastructures while maintaining security and efficiency.