Skip to content
Kong Docs are moving soon! Our docs are migrating to a new home. You'll be automatically redirected to the new site in the future. In the meantime, view this page on the new site!
Kong Logo | Kong Docs Logo
  • Docs
    • Explore the API Specs
      View all API Specs View all API Specs View all API Specs arrow image
    • Documentation
      API Specs
      Kong Gateway
      Lightweight, fast, and flexible cloud-native API gateway
      Kong Konnect
      Single platform for SaaS end-to-end connectivity
      Kong AI Gateway
      Multi-LLM AI Gateway for GenAI infrastructure
      Kong Mesh
      Enterprise service mesh based on Kuma and Envoy
      decK
      Helps manage Kong’s configuration in a declarative fashion
      Kong Ingress Controller
      Works inside a Kubernetes cluster and configures Kong to proxy traffic
      Kong Gateway Operator
      Manage your Kong deployments on Kubernetes using YAML Manifests
      Insomnia
      Collaborative API development platform
  • Plugin Hub
    • Explore the Plugin Hub
      View all plugins View all plugins View all plugins arrow image
    • Functionality View all View all arrow image
      View all plugins
      AI's icon
      AI
      Govern, secure, and control AI traffic with multi-LLM AI Gateway plugins
      Authentication's icon
      Authentication
      Protect your services with an authentication layer
      Security's icon
      Security
      Protect your services with additional security layer
      Traffic Control's icon
      Traffic Control
      Manage, throttle and restrict inbound and outbound API traffic
      Serverless's icon
      Serverless
      Invoke serverless functions in combination with other plugins
      Analytics & Monitoring's icon
      Analytics & Monitoring
      Visualize, inspect and monitor APIs and microservices traffic
      Transformations's icon
      Transformations
      Transform request and responses on the fly on Kong
      Logging's icon
      Logging
      Log request and response data using the best transport for your infrastructure
  • Support
  • Community
  • Kong Academy
Get a Demo Start Free Trial
Kong Konnect
  • Home icon
  • Kong Konnect
  • Kong Konnect Updates
github-edit-pageEdit this page
report-issueReport an issue
  • Kong Gateway
  • Kong Konnect
  • Kong Mesh
  • Kong AI Gateway
  • Plugin Hub
  • decK
  • Kong Ingress Controller
  • Kong Gateway Operator
  • Insomnia
  • Kuma

  • Docs contribution guidelines
  • Introduction
    • Overview of Konnect
    • Architecture
    • Network Resiliency and Availability
    • Port and Network Requirements
    • Private Connections to Other Cloud Providers
      • Create a private connection with AWS PrivateLink
    • Geographic Regions
    • Centralized consumer management
    • Compatibility
    • Stages of Software Availability
    • Release Notes
    • Support
      • Control Plane Upgrades FAQ
      • Supported Installation Options
  • Get Started
    • Overview
    • Add your API
    • Migrating a Self-Managed Kong Gateway into Konnect
  • Gateway Manager
    • Overview
    • Dedicated Cloud Gateways
      • Overview
      • Provision a Dedicated Cloud Gateway
      • Securing Backend Traffic
      • Transit Gateways
      • Azure VNET Peering
      • Custom Domains
      • Custom Plugins
      • Data plane logs
    • Serverless Gateways
      • Overview
      • Provision a serverless Gateway
      • Securing Backend Traffic
      • Custom Domains
    • Data Plane Nodes
      • Installation Options
      • Upgrade a Data Plane Node
      • Verify a Data Plane Node
      • Secure Control Plane/Data Plane Communications
      • Renew Data Plane Certificates
      • Parameter Reference
      • Using Custom DP Labels
    • Control Plane Groups
      • Overview
      • Working with Control Plane Groups
      • Migrate Configuration into Control Plane Groups
      • Conflicts in Control Planes
    • Kong Gateway Configuration in Konnect
      • Overview
      • Manage Plugins
        • Overview
        • Adding Custom Plugins
        • Updating Custom Plugins
        • How to Create Custom Plugins
      • Create Consumer Groups
      • Secrets Management
        • Overview
        • Konnect Config Store
        • Set Up and Use a Vault in Konnect
      • Manage Control Plane Configuration with decK
    • Active Tracing
      • Overview
    • KIC Association
    • Backup and Restore
    • Version Compatibility
    • Troubleshooting
  • Mesh Manager
    • Overview
    • Create a mesh with the Kubernetes demo app
    • Federate a zone control plane to Konnect
    • Migrate a self-managed zone control plane to Konnect
  • Service Catalog
    • Overview
    • Integrations
      • Overview
      • Datadog
      • GitHub
      • GitLab
      • PagerDuty
      • SwaggerHub
      • Traceable
      • Slack
    • Scorecards
  • API Products
    • Overview
    • Product Documentation
    • Productize a Service
  • Dev Portal
    • Overview
    • Dev Portal Configuration Preparation
    • Create a Dev Portal
    • Sign Up for a Dev Portal Account
    • Publish an API to Dev Portal
    • Access and Approval
      • Manage Developer Access
      • Manage Developer Team Access
      • Add Developer Teams from IdPs
      • Manage Application Registrations
      • Configure generic SSO for Dev Portal
      • Configure Okta SSO for Dev Portal
    • Application Lifecycle
    • Register and create an application as a developer
    • Enable and Disable App Registration for API Product Versions
    • Dynamic Client Registration
      • Overview
      • Okta
      • Curity
      • Auth0
      • Azure
      • Custom IdP
    • Portal Management API Automation Guide
    • Audit Logging
      • Overview
      • Set up an Audit Log Webhook
      • Set up an Audit Log Replay Job
    • Portal Customization
      • Overview
      • About Self-Hosted Dev Portal
      • Host your Dev Portal with Netlify
      • Custom Domains
    • Dev Portal SDK
    • Troubleshoot
  • Advanced Analytics
    • Overview
    • Dashboard
    • Explorer
    • Analyze API Usage and Performance with Reports
    • Requests
  • Org Management
    • Plans and Billing
    • Authentication and Authorization
      • Overview
      • Teams
        • Overview
        • Manage Teams
        • Teams Reference
        • Roles Reference
      • Manage Users
      • Manage System Accounts
      • Personal Access Tokens
      • Social Identity Login
      • Org Switcher
      • Configure Generic SSO
      • Configure Okta SSO
      • Login Sessions Reference
      • Troubleshoot
    • Audit Logging
      • Overview
      • Set up an Audit Log Webhook
      • Set up an Audit Log Replay Job
    • Account and Org Deactivation
  • API
    • Overview
    • API Request API (Beta)
      • API Spec
    • API Products API
      • API Spec
    • Audit Logs API
      • API Spec
      • Audit Log Webhooks
    • Control Plane API
      • API Spec
    • Control Plane Configuration API
      • API Spec
    • Cloud Gateways API
      • API Spec
    • Identity API
      • API Spec
      • Identity Integration Guide
      • SSO Customization
    • Konnect Search API (Beta)
      • API Spec
    • Mesh Manager API
      • API Spec
      • Kong Mesh API Reference
    • Portal Client API
      • API Spec
    • Portal Management API
      • API Spec
    • Reference
      • Filtering
      • API Errors
  • Reference
    • Labels
    • Plugin Ordering Reference
    • Konnect Search
    • Terraform Provider
    • Audit Logs
    • Verify audit log signatures
    • IdP SAML attribute mapping
enterprise-switcher-icon Switch to OSS
On this pageOn this page
  • May 2025
  • April 2025
  • March 2025
  • February 2025
  • January 2025
  • December 2024
  • November 2024
  • October 2024
  • September 2024
  • August 2024
  • July 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • April 2023
  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • March 2022
  • January 2022
  • December 2021
  • November 2021
  • August 2021
  • June 2021
  • May 2021
  • March 2021
  • February 2021

Kong Konnect Updates

The updates contained in this topic apply to Kong Konnect, an application that lets you manage configuration for multiple runtimes from a single, cloud-based control plane, and provides a catalog of all deployed services. Try it today!

May 2025

May
08
Focus on your one key metric via our new 'Single Value' chart type
Many business and operational goals are defined by a single key metric such as error rate, request volume, or latency, making it essential to present that number clearly and without unnecessary visual clutter. With the new Single Value chart type in Explorer, Konnect users can now highlight important metrics with a clean, focused display.

April 2025

April
23
Introducing Custom Plugin Streaming for Dedicated Cloud Gateways
We are excited to announce support for Custom Plugin Streaming for Dedicated Cloud Gateways. This new feature simplifies the process for customers to deploy and manage their custom plugins on Dedicated Cloud Gateways, providing enhanced flexibility and control over plugin deployments and management.
April
23
Introducing AWS PrivateLink for Konnect APIs!
We are pleased to announce that Konnect API calls, including the API calls made through decK and Terraform can now be made through AWS PrivateLink. Users can leverage AWS PrivateLink for a secure connection to Konnect APIs (including decK and Terraform).
April
17
Expanded AWS PrivateLink region availability
Today we're excited to introduce PrivateLink support for four additional AWS regions. You can leverage AWS PrivateLink for an additional layer of security between the control plane in Konnect and your dataplanes in your environment.
April
14
🎉 Introducing Snippets for Dev Portal Beta 🎉
Following the successful launch of Dev Portal Beta, we're continuing to deliver new value incrementally as we march toward GA. 📃 Release notes Snippets allow for reusable content in portal Pages, making content more manageable, and adding modularity to your Dev Portal content strategy.
April
09
Slack Integration in Service Catalog
You can now map Slack channels as a new Resource type in Service Catalog. This integration enables discovery of all channels in a connected Slack workspace and allows those channels to be mapped to individual Services, making it easier for developers to find and contact Service or API owners.
April
09
Custom Dashboards Tech Preview now available by default to all users
Custom dashboards are off to a strong start! In just three weeks of early access, we've seen great usage and received tons of helpful feedback—thank you!

March 2025

March
31
Reduce operational burden through centralized consumer management in Konnect!
Users can define consumers centrally in every region of Konnect and reference them in multiple control planes starting with Kong Gateway 3. 10.
March
06
Creating personalized dashboards is now in Tech Preview
We’re excited to announce an early prototype release of custom dashboards in Konnect Labs (KLabs) as a Tech Preview. Today, our built-in Summary dashboard provides a fixed set of key performance metrics, but we know that every organization has different priorities.
March
06
New API metrics endpoint is now available
Advanced Analytics customers can now benefit from a new endpoint that allows them to programmatically access the same API consumption and performance metrics previously available only through our Advanced Analytics UI. This release empowers users to retrieve real-time data, create custom integrations, and build automated reporting directly from our analytics infrastructure.
March
05
Introducing the new Dev Portal beta! 💥
We’re proud to announce the Beta launch of our all-new Dev Portal! This release provides a highly customizable API consumption experience to establish API producers’ brand and project a strong developer experience.

February 2025

February
28
Scorecards in Service Catalog now available in Public Beta
Scorecards enable Platform Teams to easily pinpoint Services in their catalog which aren’t compliant with Kong-recommended and industry-defined maturity standards. By identifying non-compliant Services and providing actionable next steps for each responsible Service Owner, this feature helps Platform Teams drive adherence across their organization.
February
18
Google Cloud now BETA on Cloud Gateways!
We are excited to announce the BETA launch of Dedicated Cloud Gateways on Google Cloud. This is a beta release available the following Google Cloud regions: US (South Carolina) Canada (Montreal)Europe (Belgium)Asia-pacific (Tokyo) This expansion enables greater flexibility for our customers, allowing you to deploy high-performance API gateways in the Google Cloud environment to meet your specific business and infrastructure needs.

January 2025

January
31
Download logs for Dedicated Cloud Gateways
Dedicated Cloud Gateways now supports viewing and downloading Data Plane logs. This new capability allows customers to better manage and troubleshoot their Cloud Gateways, providing greater visibility into their operations and faster issue resolution.
January
30
New dimensions and more comprehensive insights with "empty" values
We're excited to introduce two new improvements to our Advanced Analytics experience: More comprehensive insights with "empty" We now display counts for "empty" values in our analytics experience. "Empty" indicates a request exists, but there is no specific value associated with an attribute of that request (e.
January
28
GitLab Integration in Service Catalog
You can now map "GitLab Projects" as a new Resource type in Service Catalog. This integration enables discovery of API specs hosted in GitLab and ingestion of Events for merge request activity (opened and merged).
January
22
We are excited to announce the Notification Hub in Konnect!
We are excited to announce the Notification Hub in Konnect. You have the option to get notifications delivered in Konnect UI or to their registered emails.

December 2024

December
19
Enhanced Data Exploration: New Features and Chart Types in Konnect Advanced Analytics
We are excited to announce two new features that enhance our data analysis and troubleshooting experience in Konnect Advanced Analytics. With critical events often happening in seconds, lower time granularity can cause users to miss crucial details, which is why we now enable configuration down to second-level precision.
December
12
Konnect is now available in India geo!
Konnect is now available in India! You can now leverage Konnect hosted in India to be close to your end customers and comply with the data residency requirements.
December
12
Developers can be authenticated using SAML protocol in Dev Portal!
We are excited to annouce that Konnect now supports SAML authentication protocol for Dev Portal login. SAML is an open standard that allows Konnect to delegate authentication to an identity provider (IdP).
December
09
Updated consumer display name in Advanced Analytics
Konnect Advanced Analytics will now prioritize and display the username field for consumers in all charts and API Requests when both username and custom_id are present. This aligns with user preferences for clearer identification.
December
09
Custom Domains for Serverless Gateways
Serverless Gateways now support configuring custom domains. To add a custom domain to your serverless gateway, hit the new 'Custom Domains' navigation item when inside a Serverless Control Plane and follow the instructions.

November 2024

November
29
Datadog Integration in Service Catalog
You can now map "Datadog Monitors" and "Datadog Dashboards" as new Resource types in Service Catalog. The former will allow you to view the statuses of your Monitors (Alert / Warn / OK), while the latter will allow you to easily access your Dashboards' external links from within the Service Catalog UI.
November
27
Konnect now supports AWS PrivateLink for CP <> DP communication
You can now leverage AWS PrivateLink for a secure connection between your dataplanes hosted in AWS and Konnect. This adds another layer of security between the control plane (CP) in Konnect and dataplanes (DP) in your AWS requirement.
November
26
Konnect is now available in Middle East!
Konnect control plane is now available in Middle East! You can now leverage Konnect hosted in Middle East to be close to your end customers and comply with the data residency requirements.
November
05
Introducing Konnect Config Store
We are excited to announce the launch of Konnect Config Store! You can now store your secrets and sensitive data for your gateways directly in Konnect Config Store and reference them in your gateway configuration.
November
04
Enhanced API Request Filtering Experience
We're excited to announce two important updates to our API Requests filtering capabilities:
  • Konnect users can now filter API requests by any attribute, including HTTP verb, IP, path, and more.
  • The API request slideout window now allows users to add filters directly by clicking on displayed metadata items.
These features work together to significantly streamline your investigation process. By providing more granular filtering options and an intuitive, one-click filter addition from the context of individual requests, you can quickly narrow down to the most relevant API requests.

Deprecation Notice: We have deprecated the old method of filtering requests via the API in favor of the new, more powerful filter options, which are now included in the updated API endpoint. While both old and new filtering methods will continue to work, we recommend users transition to the new fields so that they can leverage the new enhanced functionality.

October 2024

October
24
Serverless Gateways now in Public Beta
Serverless Gateways are now available to all Konnect Plus users in Public Beta. Serverless Gateways allow you to provision lightweight, managed Kong Gateway instances within seconds.
October
18
SwaggerHub Integration in Service Catalog
Service Catalog now supports importing API specifications directly from SwaggerHub. This integration enhances Service Catalog's ability to serve as your organization's central repository for all APIs.

September 2024

September
12
Introducing LLM Analytics in Kong Konnect for GenAI traffic
We’re pleased to announce the new LLM Usage reporting feature in Advanced Analytics with the release of Kong Gateway 3. 8.
September
11
Konnect Service Catalog launches into Public Beta
The Konnect Service Catalog is now available to all Konnect users in Public Beta. Service Catalog allows you to discover your organization's "Shadow APIs" through its integrations with Gateway Manager, Mesh Manager, and Traceable.
September
11
Plugin pricing updated
Plugins are no longer priced are Free, Plus, and Premium tiers separate from the Konnect subscription. There is no more extra fee to use any particular plugin.
September
11
Announcing Beamer Integration with Konnect
With Beamer, customers can easily stay up-to-date on the latest Konnect announcements without having to navigate across multiple websites.
September
03
Cloud Launchers deprecated
Cloud Launchers will be deprecated on November 30th, 2024. From this date onward, you will no longer be able to use pre-populated templates to launch data planes in AWS, Azure, or GCP using Cloud Launchers.

August 2024

You can now delete the default control plane
In Kong Konnect, it is now possible to delete the default control plane.
SAML Login support
Konnect now supports SAML authentication protocol for logging in. SAML is an open standard that allows Konnect to delegate authentication to an identity provider (IdP). You can choose between OIDC or SAML protocols while setting up Single Sign On for your organization.
General Availability of API Requests
Announcing the general availability of API Requests. API Requests provide detailed records for the requests that are made to your APIs. This information can not only help you understand your consumers better, but also simplifies any initial investigation into errors or performance issues by providing an intuitive web experience that is fully integrated into the rest of your Konnect organization.

July 2024

New refresh button in Advanced Analytics
We’ve introduced a refresh button on selected analytics pages such as API Requests and Explorer, allowing users to view updated data without triggering a full site reload. This feature also preserves applied filters and provides a more seamless user experience.
Dedicated Cloud Gateways on Azure

You can now run Dedicated Cloud Gateways on Azure in the following regions: Frankfurt, Ireland, UK South, Virginia, and Washington.

Azure regions

You can select Azure from the list of cloud providers when configuring your cluster.

Multi-portal
Konnect now supports multiple Dev Portals. Users can create multiple Dev Portals with the same functionality to better segment their customers, brands, and API product experiences. For more information, see Create Dev Portal.
Manage control plane analytics data ingestion
You can now opt-out from Analytics data ingestion for individual control planes. This allows you to not only control what data is important for Kong to keep, but also manage your overall spending on the Konnect Advanced Analytics app. If you disable analytics for a control plane, the data for that control plane will no longer display as part of the Analytics dashboard.

You can manage your control plane analytics data ingestion by editing an existing control plane and clicking the Advanced Analytics toggle.

May 2024

Gateway 3.7 Support
Konnect now supports the latest Kong Gateway release version of 3.7.
Additionally, the expression router is fully supported in the Konnect. You can now define your routes via expressions, and perform CRUD operations on them.

See the Gateway 3.7.0.0 changelog for all changes in the Kong Gateway release.

Konnect Konnect Search Enhancements
The new Kong Konnect search enhancements now allows you to to search across 29 entities in Konnect. The search enhancement is made up of an advanced search syntax coupled with a refreshed search bar in the UI and a Konnect Search API.

For more information, syntax description and use cases, see the Konnect Search API and the Konnect Search Guide.

April 2024

Dedicated Cloud Gateways

You can now quickly spin up a dedicated AWS cloud gateway data plane node in Konnect. With a dedicated cloud infrastructure, you control the sizing and deployment locations of the gateway infrastructure and Kong manages the operations of individual instances and the cluster for you.

Dedicated Cloud Gateways are the fastest way to configure and create a Kong Gateway in Konnect. All you have to do is specify the security you want to use and pre-warm the cluster while Konnect handles the cluster creation.

Dedicated Cloud Gateways also have the following benefits:

  • SOC1 compliant out-of-the-box
  • Konnect handles gateway upgrades for you
  • Supported on the following AWS regions: Sydney, Tokyo, Singapore, Frankfurt, Ireland, London, Ohio, Oregon

For more information, see About Cloud Gateways.

cloud gateway dashboard

Example of the dedicated cloud gateway dashboard in Gateway Manager. The dashboard displays the total traffic, error rate, and P99 latency. It also displays the top five gateway services and routes by traffic, as well as the plugins and consumers associated with the gateway.

Improved UI/UX for Plugins
We are happy to announce that a polished UI/UX experience for plugins is now available to our customers on Konnect. Required configuration settings are now grouped together, and indicated as required on the forms, improved tooltips and default fields are present on plugin forms, and a “most popular” plugins section is now available.

Improved UI/UX for plugins

Integrated Markdown Renderer
You can now take advantage of an integrated markdown editor for API Products in Konnect. This enhancement simplifies documentation updates by enabling you to edit markdown files directly within Konnect. The Konnect interactive markdown renderer supports:
  • Code syntax highlighting for bash, json, go, and js
  • Rendering UML diagrams and flowcharts via Mermaid and PlantUML
  • Emojis

Interactive editor

PKI Cert Mode Improvements
Konnect now defaults to PKI Cert mode for CP/DP connections. As a result, you can now specify your own CA certs during the creation of control planes. In addition, you can now upload your own Kong Cluster Cert/Key pairs to sign off using the CA cert that you uploaded, or continue to have Konnect generate Kong Cluster Cert/Key pairs for you.

March 2024

OAS 3.1 Support
Konnect and Portal now support OAS 3.1 out of the box. Users can now upload a YAML/JSON version of OAS 3.1 into their API Product version and the specification will be rendered in the spec viewer on both Konnect and Portal. With OAS 3.1, we now support describing the webhooks in your OAS the same way you describe your API paths. The new version of the spec renderer also supports all available theming options as before.

OSS Portal users can also take advantage of this component by upgrading to the latest version of @kong-ui-public/spec-renderer@2.1.1.

Refined user experience for Control Plane Groups
We’ve made improvements to refine the end-to-end workflow of Control Plane Groups for our customers. Now, Control Plane Groups are more intuitive, and easier to understand.
Enhanced error notification
Customers now have the ability to view detailed error notifications for their data plane directly within Konnect. The enhanced logging feature categorizes errors for improved clarity, distinguishing between configuration errors, transient configuration reload errors, and general exceptions. This update empowers users to diagnose and resolve CP/DP connection issues more efficiently.

Konnect-error-log

New Analytics Explorer page
You can now explore and visualize analytics data via an easy to use, point-and-click web interface. The Explorer page allows you to drill-down into data and easily discover how issues may impact your business. For more information, see the Explorer overview.
Improved Analytics summary dashboard
A new version of the Analytics summary dashboard is now available for all Konnect users. This new version displays all analytics information on one page, which allows you to focus on your most critical API usage data.

analytics summary dashboard

Example of the improved Analytics summary dashboard that displays total traffic, error rate, P99 latency, total traffic over time, latency breakdown over time, and Kong vs upstream latency over time.

February 2024

Download button added the documents UI
You can now click the Download button to download the markdown file currently being viewed from the documents UI.
Additional plugin support for consumer groups
Along with Kong Gateway 3.6 support in Konnect, additional plugins are now supported for consumer groups.

The following plugins can be applied to consumer groups using the Admin API and the Gateway Manager UI:

  • Rate Limiting (OSS)
  • Request Termination
  • Proxy Cache
  • Proxy Cache Advanced
Konnect API Products
Konnect now supports reusable auth strategies that can be applied to one or more API product versions. Konnect now also supports multiple DCR providers for portal applications. Users can now create separate DCR providers with various Identity Providers and apply them selectively to API Product Versions while still using non-DCR auth strategies for other API product versions. For more information, see Enable app registration with multiple IdPs

If you previously configured application registration, you will see your auth configs saved in a new sidebar section under Dev Portal called Application Auth.

Enhanced onboarding wizard
Konnect users can now experience an enhanced onboarding wizard when they sign up for a new Konnect organization. After signing up, you can optionally use the wizard to test a popular Konnect use case: key authentication or rate limiting. This experience starts with a local, Docker-based gateway setup, automatically configures Gateway Manager entities against demo endpoints, and then guides you through a basic workflow that tests gateway functionality.

For more information about how to get started with Konnect, see the Konnect Getting Started overview.

Autogenerated YAML and JSON configuration files for Konnect
You can now export configuration of core Gateway Manager objects, like services, routes, and plugins, to YAML or JSON. This allows you to import the file to APIOps tooling, like decK. For more information, see Manage Control Plane Configuration with decK.

Konnect-config-export

January 2024

Improved Proxy URL experience
Customers are now able to connect to their gateway proxy APIs by using either the public edge DNS that points to all regions, or the private IPs pointing to specific regions from directly within Konnect.
Group and filter API request and usage data by consumers
With Konnect Analytics, you can now breakdown API usage data and individual requests by consumers. This feature extends the existing support for Applications, providing users with a holistic understanding of all APIs and their consumer base, whether internal or external.

In addition, we’ve streamlined the filtering experience. Users can now conveniently input either the name or UUID into the filter dropdown, enhancing the overall usability.

Improved visibility for Control Planes and Control Plane Groups
Member control planes in a control plane group now have contextual analytics reporting available. That allows teams that own the configuration of an individual member control plane to better understand traffic towards their services, routes, and consumers.

Additionally, Konnect Analytics custom reporting feature now provides users with the option to select between control planes, control plane groups, and data planes which allows for more granular insights into traffic patterns.

Gateway Manager
On the Gateway Manager Overview pages, you can now see the configured consumers and plugins. Consumers are listed in topN order based on their traffic, while plugins are displayed in the order of their configuration.

December 2023

Konnect in Google Cloud Marketplace
Kong Konnect is now available for purchase through the Google Cloud (GCP) Marketplace including public and private offers. This allows you to retire your existing GCP Credits through your purchase of Kong Konnect and associated product capabilities.
Developer-Managed Scopes for Dev Portal
You can now give your customers more control over third-party application permissions using Auth0 DCR developer-managed scopes for Dev Portal. Developers can now configure unique scopes and permissions for each Auth0 DCR application they create, allowing them to set more fine-grained permissions for each of their target audiences. See Configure Auth0 for Dynamic Client Registration for details.
Gateway Manager
Navigation within nested entities has been enhanced. Now, any plugin configured for a service, route, or consumer is directly hyperlinked in the configuration.

November 2023

Multi-geo support
Kong Konnect now allows you to host and operate your cloud instance in a geographic region that you specify. This is important for data privacy and regulatory compliance for you organization. Geographic regions allow you to also operate Kong Konnect in a similar geo to your users and their infrastructure applications.

Geos are distinct deployments of Konnect with objects, such as services and consumers, that are geo-specific. Only authentication, billing, and usage is shared between Konnect geos.

Kong Konnect currently supports the following geos:

  • AU
  • EU
  • US

For more information, see Geographic regions.

Gateway Manager
The Konnect Gateway Manager has been updated to pull the most accurate data and remain consistent across Konnect.
Fuzzy filtering is now applied to return more accurate search results on the Konnect Gateway Manager for control planes, gateway services, routes, consumers, and plugins. Fuzzy Filtering is not supported for entities nested within another entity at this time (i.e - Services that belong to a control plane group, routes/plugins from inside a Gateway service, etc.)
Gateway 3.5 Support
Konnect now supports the latest Gateway release version of 3.5 including all Konnect-compatible plugins and now supports Azure key vault for Secrets Manager.
Consumer Groups Enhancements
Kong Konnect now supports enhancements to consumer groups as a part of the Kong Gateway 3.5 release. Customers can now apply the following plugins directly to consumer groups via the UI:
  • Request Transformer
  • Request Transformer Advanced
  • Response Transformer
  • Response Transformer Advanced
  • Custom plugins

See the consumer groups documentation to learn more.

October 2023

Portal Management API
Konnect portal administrators are now able to integrate portal management operations with their automation systems (such as CI/CD pipelines) by utilizing an officially published, documented, and supported Portal Management API. Approving developer and application requests, configuring appearance settings, and managing custom domain details can all be driven entirely through API automation.
Combine multiple metrics inside the same custom report
Konnect users are now able to select multiple metrics in a custom report. This feature allows them to compare multiple metrics of the same category (e.g. latency) within the same report instead of creating multiple reports.
OIDC Teams for DevPortal
Konnect portal administrators can now automatically assign Developers to Teams to get the corresponding RBAC permissions based on their Identity Provider groups or claims. This reduces the onboarding experience for new developers and offers a secure and efficient Dev Portal experience for internal and external audiences. For more information, see Add Developer Teams from IdPs.
PKI Certificates for CP/DP Authentication
Konnect now supports pinned PKI certs for CP/DP authentication. This means that Konnect supports digital certificates signed by a trusted CA in Konnect for CP/DP authentication.

September 2023

Custom plugin management
Konnect now supports self-service custom plugins through the UI and API. You can upload a plugin schema to Konnect and get started with custom plugins in a matter of minutes.

See Kong Gateway Plugins in Konnect to get started.

Auth0 DCR Configuration Audience Override
API Product Versions can be each be assigned to a different Auth0 API instance allowing service teams to have more fine grained control over scopes and permissions of their services. See Using Auth0 actions for more details.
API Requests is now in beta
Konnect users have now access to a new feature that tracks API requests in near real-time. API Requests provides detailed records for the requests that are made to your APIs. This information can not only help you understand your consumers better, but also simplifies any initial investigation into errors or performance issues by providing an intuitive web experience that is fully integrated into the rest of your Konnect organization.
Consumption based billing
New Konnect organizations will benefit from an updated Konnect Plus product tier which includes every product capability available. New accounts are automatically given a month of free credits as part of 30-day trial. For more information review our pricing page.
Social Login and Org Switcher
New users can now sign up for and login to Konnect organizations using their social identities from Google and GitHub. Users also have the ability to quickly switch between different Konnect organizations that they own or have been invited to.
  • Social Login - Login with social identities has been added as part of the “built-in” authentication scheme in Konnect. Users can use their Google and GitHub credentials to create new organizations and sign in to existing Konnect accounts with a matching email. User invitations may also be accepted via social login.
  • Organization Switcher - Users who have been invited to more than one organization will be able witch between orgs via the org switcher. In addition, users who wish to utilize more than one organization may create new organizations via org switcher. All organizations that have associated emails would be accessible to a login to via org switcher.
Renamed Konnect capabilities
We have renamed a number of core Konnect capabilities to simplify user understanding:

UI:

  • Runtime Manager is now Gateway Manager
  • Runtime groups are now control planes
  • Composite runtime groups are now control plane groups
  • Runtime instances are now data plane nodes

API:

  • /v2/systems-accounts to /v3/system-accounts
  • /v2/teams to /v3/teams
  • /v2/users to /v3/users
  • /v2/roles to /v3/roles
  • /v2/runtime-groups to /v2/control-planes
  • /v2/runtime-groups/{runtimeGroupId}/* to /v2/control-planes/{controlPlaneId}/*
  • /v2/runtime-groups/{runtimeGroupId}/composite-status to /v2/control-planes/{controlPlaneId}/group-status

decK:

  • decK command flag: --konnect-runtime-group-name to --konnect-control-plane-name
  • decK state file attribute: _konnect.runtime_group_name to _konnect.control_plane_name

Authorization logs:

  • Authz.runtimegroups to Authz.control-planes
  • Authz.services to Authz.api-products
Gateway Manager redesigns
The Gateway Manager Landing Page is now updated to nudge customers to create a control plane if none are present. In addition, the control plane creation workflow has been revamped to make it more intuitive and easier to follow.

The Gateway Control Plane Overview page is now updated to present the users all relevant information of a specific control plane. In addition, prompts that nudge users to create their first service, route, plugin, and consumer are presented on the Overview Pages to nudge users to immediately dive into Konnect for the first time.

Kong Mesh in Konnect
Kong Mesh joins Kong Gateway and Kong Ingress Controller in Konnect as a generally available control plane that is managed centrally by Konnect’s management plane. This unified API platform allows you to see all configuration management and manage services from Kong Gateway, Kong Ingress Controller, and Kong Mesh in a single location.

Mesh Manager also allows your organization to lower their operational overhead and elevate their developers’ experience by streamlining the operation of Kong Gateways, Kong Ingress Controller, and Kong Mesh with a hosted control plane that can be implemented across any cloud, virtual machine, or on-premises solution.

You can use Mesh Manager to create, modify, and delete mesh global control planes. Mesh global control planes are control planes that are mapped to different environments or business units. Each mesh global control plane maps to a Kubernetes or Linux zone through a process that is similar to adding a control plane for Kong Gateway using Gateway Manager. You can also now identify service meshes, view relevant metadata like meshes and zones, and access a service’s details in Konnect.

Mesh Manager is available now to Enterprise and new Konnect customers:

  • Enterprise customers will be able to access Mesh Manager immediately and can contact their sales representative for more information.
  • New customers can apply their trial credits towards mesh zones. For more information, see Konnect pricing.

Mesh Manager is not available for existing plus customers. Stay tuned for more information.

August 2023

Role-based Access Control for developer teams
Konnect Portal enables administrators with the ability to define Role-Based Access Control (RBAC) for teams of developers through the Konnect UI & API. See Manage Dev Portal Teams for more details.
New organizations new benefit from out of the box, pre-built Analytics reports
New organizations now benefit from out of the box reports. These reports represent common examples for important KPIs to track while monitoring the success of their APIs. Users are free to modify them and make these reports their own.
Release announcements in Konnect
With Makelog integration, you can now see the latest feature and update announcements in the Kong Konnect UI.
Gateway 3.4 Support
Konnect now supports the latest Gateway release version of 3.4 including all Konnect-compatible plugins.
Vault Secret Rotation
Konnect now supports the rotation of secrets stored in vaults without restarting the gateway. This allows you to securely manage your secrets. For more information, see Set Up and Use a Vault in Konnect.
Azure for Dynamic Client Registration
You can now use Azure Active Directory as the identity source for your Dev Portal’s Dynamic Client Registration configuration. This expands Konnect’s existing support, which already includes Okta, Auth0, and Curity. This streamlines developer self-service access to provisioning applications with secure access to published API Products. For more information, see Configuring Azure for Dynamic Client Registration.
Konnect Analytics display increase from 15 to 50
In our continuous efforts to optimize your custom reporting experience with Konnect Analytics, we’ve expanded the display limit from 15 to 50, providing a more comprehensive data view. Accompanying this change, we’ve refined our UI with enhanced tooltip functionality. Now, by simply clicking on report content, users can lock a tooltip in place. This feature not only allows for intuitive drag-and-drop repositioning but also enables scrolling within the tooltip to easily access additional data points.
Konnect consumer groups enhancements
Konnect now features the same consumer groups enhancements added in the Gateway 3.4 release. Consumer groups are now a core entity. With consumer groups, you can apply different configurations to select groups of consumers. The following plugins can be scoped to consumer groups:
  • Rate Limiting Advanced
  • Request Transformer Advanced
  • Response transformer Advanced
  • Request Transformer
  • Response Transformer

See the consumer groups documentation to learn more.

July 2023

API Products API released
A new Konnect API for managing API products and versions is now available for external consumption. This API allows you to create and manage API products and versions, upload documentation and specs, and link a version to an existing Gateway service to enable application registration. As a result, you can integrate this API into your automated pipeline to streamline publishing documentation for your products to your third-party developers. Explore the API spec on our Developer Portal
API Products
Introducing a new Service Hub module, API Products, where technical & non-technical audiences can document their services, link to Gateway services for application registration, and publish API Products to a Developer Portal for consumption. Existing Konnect customers will find that their services in the Service Hub have been seamlessly moved to the new API Products UI & API experience.

Note: Tagging your Gateway services with _KonnectService doesn’t automatically create an API product and API product version.

Composite runtime groups
Konnect now supports composite runtime groups, which enable users to leverage shared infrastructure across multiple teams in a secure, compliant fashion. With composite runtime groups, organizations can reduce infrastructure costs while providing the appropriate access to teams through RBAC.

Learn more about composite runtime groups:

  • Intro to composite runtime groups
  • Set up and manage runtime groups
  • Migrate configuration into a composite runtime group
  • Conflicts in runtime groups
  • API documentation
Analytics for composite runtime groups
Custom reports now support grouping and filtering by composite runtime group.
Kong Ingress Controller for Kubernetes in Konnect
The read-only Ingress Controller association with Konnect is now GA and can be deployed in a production environment. This release also includes the following features:
  • Konnect now manages license and entitlement for KIC-managed Gateways so that you don’t need to worry about license management. There is a seamless upgrade path available if you want to move from the OSS experience to the Enterprise experience.
  • Konnect now supports analytics for KIC runtime groups. You can get detailed visibility into your K8 native managed Gateways on the Konnect platform.
Identity Management and Audit Log Roles
Introducing two new administrative roles in Konnect, Identity Management and Audit Logs Setting.
  • Identity Management - access to users, teams, system accounts, tokens, IdP configurations, and authentication settings.
  • Audit Logs Setting - access to configuring webhooks to receive region-specific audit logs and to trigger audit log replays.

These roles provide finer control over administrative capabilities inline with least privilege principles.

June 2023

Contextual Developer Analytics
Kong Konnect launches new contextual analytics information for third-party developers inside the Dev Portal. Developers can now use that information to not only optimize but also keep on eye on their applications usage and therefore understand the interaction between them and the providers APIs.
Self-hosted, open source Dev Portal
You can now self-host an open-source Dev Portal on the hosting provider of your choice. Kong provides an example application you can use for an out-of-the-box experience with a self-hosted Dev Portal. You can also customize the self-hosted portal using the Portal Management and Portal APIs, and the Portal SDK. For more information, see About Self-Hosted Dev Portal.
Portal Client API
Konnect now supports customers’ integration with Dev Portal workflows via public APIs. For more information, see the Portal Client API spec.
Audit logging
Konnect now provides audit logging capability, designed to enhance the security, compliance, debugging and risk management of your core infrastructure. You can send audit logs directly to a webhook enabling seamless integration with your SIEM services, and resend audit log entries through replay jobs. For more information, see the documentation for Audit Logging.
OIDC Configuration API
Enterprise orgs using OIDC login can now specify additional scopes to be requested during the authorization grant flow. This allows organizations to request custom claims from their IdP. The custom claims can then be used to override the default mapping for the name, email and groups attributes which are used during the login flow. For example, the upn scope may be required to retrieve the userPrincipalName claim from Azure which can then be mapped to email attribute in Konnect.

May 2023

Gateway 3.3 Support
Konnect now supports the latest Gateway release version of 3.3 including all Konnect-compatible plugins.

April 2023

Metadata for runtime instance certificates
Kong Konnect now supports metadata for runtime instance certificates. You can now see expiry date and updated date from a certificate’s information page.
Allow filtering of runtime instances based on connection status
Runtime administrators can now filter runtime instances based on connection statuses connected, disconnected, or all.
My Account
Kong Konnect now includes a My Account feature. Here, users can easily edit their personal information, change their password, and manage their account. My Account is available by selecting your user icon in the top-right corner of the Kong Konnect manager and selecting My Account.
Navigation updates
Kong Konnect received a new navigation and layout update designed to provide a more intuitive and user-friendly experience. With this update, you will find the Region Switcher has moved to the bottom-left corner of the Kong Konnect manager closer to region-specific features.
Right To Be Forgotten (RTBF) in Kong Konnect
Kong’s privacy policy now includes the request process for removing personal information, also known as the right to be forgotten. You can also find a link to the policy in Kong Konnect under My Account.
Version picker in Runtime Manager Quickstart
Konnect now allows users to select the Kong Gateway version that they want for their Quickstart scripts (except for cloud provider quickstart scripts for AWS, Azure and GCP). This allows you to leverage official Konnect scripts to start your gateways while reducing the number of errors due to an invalid script for a certain Kong Gateway version. For more information, see Supported Installation Options.
GraphQL plugins
Konnect now supports the the following GraphQL plugins:
  • DeGraphQL: Transform a GraphQL upstream into a traditional endpoint by mapping URIs into GraphQL queries.
  • GraphQL Rate Limiting Advanced: Rate limit GraphQL requests.
Kong Ingress Controller for Kubernetes in Konnect
Konnect now allows customers to associate an Ingress Controller with Konnect in a read-only fashion. This feature is released as beta and should not be deployed in a production environment.

March 2023

Reports V2
Kong Konnect users now have access to a new user interface for our custom reports feature within Konnect Analytics. The new interface not only makes creating reports easier but it also provides new capabilities such as a preview and a more advanced filtering experience. For more information, see these new report use cases.
Enriched documentation experience for service packages
Kong Konnect users can now publish contextual documentation as multiple markdown files in the Service Hub and render in the Dev Portal, so that developers can see different material more clearly. For example, release notes can now be published separately from deployment workflows.
Enhanced Service Hub experience
The Service Hub user experience is now more intuitive, helpful, and impressive as the primary Service catalog for application developers and API product owners. We’ve optimized descriptions, placement of information, and rendering of data to include markdown files and API specs.

February 2023

Support for Gateway 3.2.x features
Kong Konnect now supports the following features released in Kong Gateway 3.2.1.0:
  • Asymmetric Key Storage: Keys and key sets can now be configured in Runtime Manager.
  • Optional plugin config field: Every plugin now supports the optional instance_name field.
System accounts
Organizations now have access to system accounts which can be created without a verified email address. This allows a system account to be used as part of an automation or integration that is not associated with any person’s identity.
Multiple authentication methods for Dynamic Client Registration
Dynamic Client Registration (DCR) now supports multiple authentication methods, including client credentials, bearer tokens, and session cookies.
OAS Validation plugin support
Kong Konnect now supports the OAS Validation plugin. This plugin allows you to validate HTTP requests and responses based on an API specification. For more information, see the OAS Validation plugin documentation.
Dev Portal RBAC via the API
You can now perform Dev Portal RBAC operations using the Kong Konnect API. This allows you to assign the following roles to Dev Portal developers:
  • API viewer: Allows the Dev Portal developer to view the documentation of services.
  • API consumer: Allows the Dev Portal developer to register their applications with the consumer services.

For more information, see Portal RBAC Setup and the Portal RBAC API documentation.

January 2023

Dynamic plugin ordering using the UI
You can now configure dynamic plugin ordering using the Konnect user interface. Dynamic plugin ordering allows you to override the default static plugin execution order by choosing which plugins run before or after another plugin.

Known limitation: The control plane can’t evaluate any conflicts in the dynamic ordering. If there are any conflicts in the defined order of plugin execution, you will only know during execution via the dataplane logs.

For more information, see Plugin Ordering Reference.

Consumer groups
Konnect now supports configure consumer groups to enable tier-based API consumption via the Konnect user interface. Consumer groups work with the Rate Limiting Advanced plugin to allow you to manage custom rate limiting configurations for subsets of consumers. With consumer groups, you can define any number of rate limiting tiers and apply them to subsets of consumers instead of managing each consumer individually. Consumer groups are also supported through decK.

Known limitation: There is a rate limiting advanced plugin bug for local strategy where the number of remaining requests resets after every couple of seconds. You can use the Redis strategy as a workaround or if you want to test with local strategy, you can use Kong Gateway version 3.0.2.0.

For more information, see Create Consumer Groups in Konnect.

Auth0 support for Dynamic Client Registration
Auth0 is now available as an identity provider for Dynamic Client Registration (DCR).

Known limitation: Unlike other DCR providers, Auth0 requires specifying audience, which represents an independent token recipient. Multiple applications can be mapped to one Audience API within auth0 and share the same permissions accordingly. Currently, our OIDC plugin can only support single audience for this release. We will consider adding support for multiple audiences in the future iteration.

Simplified docker script for creating Runtime Instances
Konnect now supports a simplified docker script to create a new runtime instance as well as in the QuickStart which makes it easier to create runtime instances. Instead of downloading a script from github, customers can now use a simple docker run command. This decrease the time and effort taken by customers to launch a Kong Gateway and improves security during runtime instance creation. Runtime Manager also supports simple copy buttons inside the code block components to make it easy for users to copy!
Curity support for Dynamic Client Registration (GA)
Curity is now available as an identity provider for Dynamic Client Registration (DCR).

December 2022

Curity support for Dynamic Client Registration (beta)
Curity is now in beta release as an identity provider for Dynamic Client Registration (DCR).
Secrets management using vaults
Konnect now supports storing sensitive values in a vault with any of the following backends:
  • Environment variables
  • AWS Secrets Manager
  • HashiCorp Vault
  • GCP Secret Manager
See the vaults documentation to get started.
App Registration Enhancement
Konnect now supports editing the app registration configuration while the app registration is still active.
Runtime Groups Configuration API
Konnect APIs for runtime group configuration are now available for external consumption. This set of APIs allow organizations to create and manage kong gateway entities and CP/DP certificates. As a result, customers can leverage our APIs to provision runtime groups in their automated pipelines or platform infrastructure while managing data plane connections.
New Kong Konnect Analytics custom report chart types and metrics
You can now choose between different chart types when creating custom reports. This feature allows you to better understand traffic patterns, user behavior, or trends over time.

The new additions include:

  • New chart types: You can now select between either horizontal or vertical bar charts, as well as line charts.
  • New metrics: You can now measure requests per minute, response latency, response size, and request size as percentiles.
  • New time selector: Allows you to use relative time periods, which can help you avoid manually adjusting your reports for weekly reports.

For more information, see Generate Reports.

Konnect Overview & Service Wizard
Konnect admins now have an Overview page which offers a high-level summary of their entire Konnect platform, news updates, and learning opportunities. In addition, we’ve added a new Service Wizard to walk admins through the end-to-end process of setting up a Service Package & Service Version, configuring a Kong Gateway, uploading documentation, and publishing a Service to the developer portal.
Kong Gateway 3.1 support
Konnect users can now use Kong Gateway 3.1 with Konnect. This allows Konnect users to access the new capabilities and improvements added to Kong Gateway 3.1 core platforms.
Support for all Kong Gateway 3.1 plugins
Konnect users can now take advantage of the the entire plugin suite offered alongside Kong Gateway 3.1. For more information about the available plugins. review our compatibility documentation.
Runtime Groups API
Konnect APIs for runtime groups are now available for external consumption. This set of APIs allow organizations to create and manage runtime groups and manage CP/DP certificates. View API documentation.

November 2022

Application registration support in any runtime group
Konnect now officially supports app registration to services in both default and non-default runtime groups. Portal developers can register their applications to consume services proxied through gateway services in both default and non-default runtime groups.

Currently, this feature is only available for services being proxied through Kong Gateway 3.0.0.0 or later.

Dev portal Dynamic Client Registration

As part of this release, we have improved the UI for DCR to provide a more polished experience for users.

Certificate management functionality added to the Kong Konnect runtime manager
Konnect now allows customers to handle the complexity of creating, storing, and organizing certificates needed for runtime instances connected to runtime groups in Konnect. This reduces operational complexity for customers while ensuring that security is not compromised.
New Analytics predefined teams
Konnect now allows you to add users to the Analytics Viewer and Analytics Admin teams. These teams allow you to give users access to only the Analytics section in Konnect. With this release, individual users don’t have to be Organization Admins anymore to access all the Analytics capabilities.

Konnect now includes the following predefined Analytics teams:

  • Analytics Admin: Users can fully manage all Analytics content, which includes creating, editing, and deleting reports, as well as viewing the analytics summary.
  • Analytics Viewer: Users can only view the analytics summary and report data.

For more information, see Teams Reference.

Migration to cloud.konghq.com is completed
All active accounts have been migrated from konnect.konghq.com to cloud.konghq.com. The deprecated environment at konnect.konghq.com is no longer available.
Multiple runtime groups
All the runtime groups in Konnect, including default and non-default runtime groups, are eligible for application registration.
Editing the default runtime group
You can now edit the name of the default runtime group. The group still retains its status as the default group, and can’t be deleted.
Konnect APIs for identity management
Konnect APIs for identity management are now available for external consumption. This set of APIs allow organizations to manage users, teams, team memberships, team mappings and role assignments. As a result, customers can leverage our APIs to build custom integrations with their identity provider or ERP systems to manage their users and user’s access to Konnect. IdP API documentation

October 2022

Dynamic client registration
Dynamic client registration with Okta is now in public beta. Test it out yourself!
Latency reporting
The Analytics dashboard now includes a latency tab, which lets you track request latency for the P50, P95, and P99 percentiles. P99 latency data also appears in runtime groups and on service overview pages in the Service Hub.

This feature is available for runtime instances running Kong Gateway 3.0.0.0 or later.

September 2022

Analytics custom reports
Analytics custom reports are now generally available in Kong Konnect. This release focuses on stability and minor usability improvements.

Custom reporting provides more data insights by allowing you to view data details and export data into a CSV file.

Runtime groups dashboard
In Kong Konnect, you now have insights into your runtime groups usage across all and individual runtime instances. These insights help platform owners to understand the health and performance of each runtime group, which often reflects individual business units in a more federated organization.
Custom plugin instantiation
Kong Konnect now allows you to discover, configure, and apply Kong approved custom plugins to your control planes directly through the plugin hub in Runtime Manager. You can do this by submitting your custom plugin schemas for approval through the CRE teams. This allows you to expand Kong’s functionality in your environment by using custom plugins, while reducing the operational overhead of working with your CRE teams to discover, configure, and apply custom plugins.
Launch runtimes directly in a cloud provider
You can now create runtime instances in Azure and AWS directly through Kong Konnect. This simplifies the operational process for creating the runtime instance in your private cloud for AWS and Azure.
Support for multiple versions of runtime instances
Kong Konnect now supports running multiple runtime instances versions at the same time with the same control plane configuration. This makes it easier for you to test and validate new runtime instance versions, such as patch, minor, and major upgrades. This release includes a new user interface that provides information about which runtime instances are incompatible with the current gateway configuration and provides actionable insights into the corrective steps to fix the issue.
Quick start for new Kong Konnect org admins
Kong Konnect now includes an optional quick start that automatically creates a runtime group, service package, and gateway service, applies the CORS plugin, and shows analytics for that service with the click of a button. You can use the quick start to become familiar with the different aspects of Kong Konnect via text and call-outs to key documentation throughout the onboarding process.
Organization Admin (Read Only) predefined team
A new predefined team has been introduced in Kong Konnect. This team allows you to grant users read-only access to all features and functions in Kong Konnect. As always, permissions are additive, so a user in the Organization Admin (Read Only) team may also have write access to various features if they are assigned additional permissions.
Multi-runtime group app registration support
You can now enable app registration to services in all runtime groups. This feature only supports versions in the non-default runtime group that use Kong Gateway 3.0.

As part of this release, API key credentials are no longer stored in the Dev Portal. Portal developers will need to store their credentials immediately after creation.

Dynamic client registration
Kong Konnect Dev Portal supports integration with Okta for end-to-end client management. This feature is released as a private beta. This feature allows Dev Portal developers to automatically create applications in Okta and receive credentials to access services proxied through Kong Gateway.
Service version lifecycle
You can identify the lifecycle stage of your APIs and notify Dev Portal developers if a particular API will be deprecated soon.
Kong Gateway 3.0.0.0 support
Kong Konnect now supports Kong Gateway 3.0.0.0 runtimes. You can keep using existing 2.8.x runtimes, or you can upgrade to 3.0.0.0 to take advantage of any new features, updates, and bug fixes.

With this major release, Kong Gateway introduces many new features, including:

  • Five new plugins, including WebSocket validation support, TLS connection customization, and OpenTelemetry
  • A new expression-based router
  • Dynamic plugin ordering through declarative configuration
  • Slim and UBI Docker images and much more.

3.0.0.0 is a major release. This means that it contains breaking changes and incompatibilities with 2.x versions. Review the list of breaking changes before upgrading to 3.0.

In particular, note the following:
  • Changes to regex route path format: 3.0 has a new router. To make sure your existing routes work in 3.0, add a ~ to any regex routes. Learn more in the route configuration guide.
  • Limitations (Konnect only): Secrets management and consumer groups are not yet supported in Kong Konnect.

For all the changes and new features in Kong Gateway 3.0.0.0, see the changelog.

To use any new features in the release, start up a new 3.0.0.0 runtime.

August 2022

Generic OIDC

Konnect launches generic OIDC support to allow Single-Sign-On (SSO) for platform login. Customers now have the ability to configure a separate OIDC-compliant Identity Provider (IdP) for Konnect. Generic OIDC is an Enterprise feature.

Personal Access Tokens

Konnect users can now generate personal access tokens (PATs). PATs are used as an alternative method of authentication for decK commands avoiding the need to use traditional username and passwords.

AWS Marketplace Listing

Konnect Enterprise can now be purchased through the AWS Marketplace or via private contract with your Amazon Web Services account team. This greatly simplifies the procurement process for existing AWS customers.

DevPortal Custom Domain Progress Indicator

We’ve added an in interactive checklist when configuring a custom domain for your developer portal. There is now an indicator to help understand if your DNS changes have propagated, and when the SSL certificate has been generated by Konnect.

Download option to all reports

We have introduced an “Export” option to all reports inside the overview page in Vitals. Exporting a report downloads an unpivoted CSV to your local machine that can be used for offline analysis.

July 2022

New environment for Konnect

Konnect is now available at cloud.konghq.com, which replaces the konnect.konghq.com environment. The environment at konnect.konghq.com will no longer receive any updates, and will be deprecated in the near future.

Existing organizations will be automatically upgraded to the new Konnect environment over the next 4-6 weeks. We will be contacting your organization administrator with more details on the upgrade process.

You can continue using your konnect.konghq.com account and wait until we migrate it, or create a new account and manually migrate configuration to the new account.

The minimum supported Kong Gateway version for this environment is 2.5.0.1.

Runtime groups
Konnect now manages all runtime configuration through runtime groups, which provide the ability to securely isolate configuration for sets of runtime instances. Essentially, this gives you access to multiple SaaS-managed control planes in one Konnect organization.

Every organization starts with one default runtime group. Additional custom runtime groups are an enterprise-only feature.

Learn more about runtime groups and managing them through the Runtime Manager, or manage runtime groups with decK.

With runtime groups come a few other changes to runtime management for all organizations:

  • Certificate rotation and management:
    • When setting up runtime instances through the Konnect UI, certificates are generated in the browser and pushed to the Konnect API.
    • Konnect no longer requires CA certificates for runtime instances.
    • The validity period for runtime instance certificates has been extended from six months to ten years.
  • Reworked Gateway configuration UI:
    • The Shared Config menu is now part of Runtime Manager. Manage your Gateway services, routes, plugins, upstreams, SNIs, and certificates through a runtime group, alongside all of the runtime instances in that group.
  • You can use labels for categorizing runtime groups. Labels are key:value pairs, and are helpful for organizing, searching, and filtering subsets of Konnect entities.
Teams and roles
You can now manage Konnect authorization with teams and roles. Existing RBAC roles have been converted to predefined teams, which are available for all Konnect organizations.

To manage user access, invite users to Konnect and add them to teams, or assign individual roles to a user.

With a Konnect Enterprise subscription, you can also create custom teams and assign per-entity permissions for each team.

Declarative configuration management support with decK
As of decK 1.12, standard decK commands such as diff, sync, and dump support Konnect runtime groups.
Learn how to use decK with Konnect:
  • Get started with decK and Konnect
  • Import Kong Gateway or konnect.konghq.com configuration into cloud.konqhq.com
  • Manage runtime groups with decK
Tags for Konnect services
You can now connect Konnect services to Gateway services with the _KonnectService tag.
Konnect UI/UX redesign
The Konnect UI now has reworked navigation, refreshed colors and styles, and a focus on consistent interactions throughout the application.

Navigation redesign details:

  • Services is renamed to Service Hub
  • Runtimes is renamed to Runtime Manager
  • Shared Config is now part of Runtime Manager
  • Dev Portal settings have moved from the general settings page to the Dev Portal section
  • Refreshed iconography for the main menu
Dev Portal default theme
The Dev Portal now comes with a new default theme: “Mint Rocket”.
Dev Portal SSO support with your own IdP
You can now configure custom identity providers (IdPs) for the Dev Portal.
See the SSO documentation for more information.
Simplified custom Dev Portal URL setup
SSL certificate generation for custom URLs is now handled by Konnect.

To set up a custom URL, see the Dev Portal customization documentation for more information.

Vitals metrics and dashboards
The Vitals overview dashboard has been reworked for Plus and Enterprise tiers. The dashboard now provides metrics for services cataloged by Service Hub within a selected time interval. You can view a graph for each category by clicking Traffic or Errors, and switching between the two views. Each graph is filterable by time frame.

In the Service Hub, graphs for services and routes now show data up to the last 30 days.

Vitals custom reports

Vitals custom reports are now available for Plus and Enterprise tiers. Through the Vitals menu, you can create custom reports to track API requests for services, routes, and applications.

See the custom reports documentation for more information.

Custom plugin requirements have changed
Some custom plugin limitations have changed or been removed. See the latest requirements in the plugin documentation.

Custom plugins can’t be added directly through the Kong Konnect application. If you have a custom plugin you want to use in Konnect, contact Kong Support.

Refactored documentation
The Konnect documentation has been refactored to match the new Konnect navigation, and generally reworked to provide a better experience for Konnect users. Let us know what you think via team-docs@konghq.com!
Known issues/limitations
The cloud.konghq.com environment has the following restrictions:
  • Application registration through Dev Portal can only be used with the default runtime group. This restriction will be removed in a future update to Konnect.
  • The following plugins are not supported:
    • OAuth2 Authentication
    • Apache OpenWhisk
    • Vault Auth
    • DeGraphQL
    • GraphQL Rate Limiting Advanced
    • Key Authentication Encrypted
  • decK does not support authenticating against Runtime Groups when single sign-on (SSO) is enabled.

March 2022

Kong Gateway 2.8.0.0 support
Kong Konnect now supports Kong Gateway 2.8.0.0 runtimes. You can keep using existing 2.7.x runtimes, or you can upgrade to 2.8.0.0 to take advantage of any new features, updates, and bug fixes.

For all the changes and new features in Kong Gateway 2.8.x, see the changelog.

To use any new features in the release, start up a new 2.8.0.0 runtime.

January 2022

Custom Domain for Dev Portal
You can now set a custom domain for your Dev Portal through the Kong Konnect Admin UI.

See the documentation: Add a Custom Domain.

Headers are modifiable
You can now set a welcome message and primary header through the Admin UI for your Dev Portal.

December 2021

Kong Gateway 2.7.0.0 support
Kong Konnect now supports Kong Gateway 2.7.0.0 runtimes. You can keep using existing 2.6.x runtimes, or you can upgrade to 2.7.0.0 to take advantage of any new features, updates, and bug fixes.

For all the changes and new features in Kong Gateway 2.7.x, see the changelog.

To use any new features in the release, start up a new 2.7.0.0 runtime.

November 2021

Single-sign on (SSO) with Okta
Kong Konnect now supports single sign-on (SSO) access through Okta with OpenID Connect.

See the guide on Setting up SSO with Okta for more information.

Kong Gateway 2.6.0.0 support
Kong Konnect now supports Kong Gateway 2.6.0.0 runtimes. You can keep using existing 2.5.x runtimes, or you can upgrade to 2.6.0.0 to take advantage of any new features, updates, and bug fixes.
This release introduces the new jq plugin. It also adds new features and improvements to a long list of plugins, including:
  • Kafka Log and Kafka Upstream: Support for TLS, mTLS, and SASL auth
  • Prometheus: Introduces the data_plane_cluster_cert_expiry_timestamp metric, letting you keep an eye on the status of you data plane certificates
  • Request Termination: Introduces the new trigger configuration option, which tells the plugin to activate only on specific headers or query parameters

To use any new features in the release and gain access to the jq plugin, start up a new runtime.

For all the changes and new features in Kong Gateway 2.6.x, see the changelog.

Tags for auth plugins created by application registration
When you enable application registration on a Service, Kong Konnect enables two plugins automatically: ACL, and one of Key Authentication or OIDC. These plugins cannot be edited or deleted directly. To help differentiate the Konnect-managed plugins and avoid breaking your service, Konnect now adds two metadata tags for declarative configuration: konnect-managed-plugin and konnect-app-registration.

August 2021

Kong Gateway 2.5.0.1 support
Kong Konnect now supports Kong Gateway 2.5.0.1. runtimes. You can keep using existing 2.4.x runtimes, or you can upgrade to 2.5.0.1 to take advantage of any new features, updates, and bug fixes.
This release includes event hook support, improvements to CP-DP communication, new configuration options in plugins, and more.
For all the changes and new features in Kong Gateway 2.5.x, see the changelog.

June 2021

Global plugin support
You can now configure global plugins through Kong Konnect. Visit the Shared Config page and select the Plugin menu option to get started.
Kong Gateway 2.4.1.1 support
Kong Konnect now supports Kong Gateway 2.4.1.1 runtimes. You can keep using existing 2.3.x runtimes, or you can upgrade to 2.4.1.1 to take advantage of any new features.
The 2.4.1.1 release includes two new plugins: OPA and Mocking. To use these plugins, and any other features newly introduced in this release, start up a new runtime.
For all the changes and new features in Kong Gateway 2.4.x, see the changelog.
More plugins available in Kong Konnect
The following plugins are now available:
  • Free tier
    • Pre-function (pre-function)
    • Post-function (post-function)
    • Datadog
    • Zipkin
    • Request Size Limiting
    • Request Transformer
  • Plus tier
    • Exit Transformer
  • Enterprise tier
    • Key Auth Encrypted
    • Request Transformer Advanced
    • Response Transformer Advanced
Default strategy/policy for rate limiting plugins
The rate limiting plugins now default to redis as the rate limiting strategy or policy. This setting allows cluster-wide rate limiting using a Redis server. To store counters in-memory on each node, change this setting to local.

The cluster config strategy/policy is not supported in Kong Konnect, and does not appear as an option in the plugin configuration anymore.

To find the setting based on the rate limiting plugin, see:

  • config.policy:
    • Rate Limiting
    • Response Rate Limiting
  • config.strategy:
    • GraphQL Rate Limiting Advanced
    • Rate Limiting Advanced
Sorting the runtime status table
You can now sort the runtime status table in Runtime Manager by the Last Seen or Sync Status columns.

May 2021

Certificate expiration limit extended
The validity period for runtime certificates has been extended from 30 days to six months.

To take advantage of the new validity period, bring up new data planes through the Runtime Manager. For existing instances, generate new certificates.

Konnect Plus is launched!
Konnect introduces a new plan tier system for subscriptions.
  • Kong Konnect Free: Basic features and plugins with a cloud control plane.
  • Kong Konnect Plus: A pay-as-you-go, credit card-based option that provides a simple way for developers or operators on small teams to quickly start using the services they need right now.
  • Kong Konnect Enterprise: For organizations that want to manage all services across their entire organization. Konnect Enterprise provides connectivity with enterprise-grade security, scalability, and observability across any cloud, platform, and protocol to help teams build powerful digital services and experiences.

If you already have a Konnect or Kong Gateway Enterprise account and license, this license will roll over seamlessly into the new Konnect Enterprise tier.

Konnect Plus free trials
When you sign up for a Konnect account, you are automatically enrolled into a 30-day Konnect Plus free trial. You don’t need to provide a credit card or any info beyond the account registration. At the end of the trial, you’ll have the choice to keep the account at the Plus tier or downgrade to Free.
Billing and plan management
You can now manage your plan subscription for Free and Plus plan tiers directly from the app. Konnect now includes a Stripe integration, and the process is fully self-serve: choose your plan, add a card, make payments, all through the Konnect app and billing portal.
Self-serve account registration
You can now sign up for a Konnect account without an access code. No more reaching out to Kong support or sales for access – just go

to https://cloud.konghq.com and try it out!

Runtime setup improvements
Runtime setup for Linux and Kubernetes environments has improved. When you configure a new runtime, instead of one Advanced tab, the Runtime Manager now has Linux and Kubernetes tabs. Choose the tab that fits your environment and copy the configuration parameters directly.

Known issues with the Kubernetes tab:

  • The image and repository parameters are in the wrong format and point to a non-existent image. Substitute them with the following:

    image:
      repository: kong/kong-gateway
      tag: "2.3.2.0-alpine"
    
  • cluster_telemetry_endpoint is missing a space between the parameter and the value. Add a space to fix the formatting:

    cluster_telemetry_endpoint: <your-instance-name>.tp.konnect.konghq.com:443
    

March 2021

Runtime setup improvement
Quick setup just got a little bit faster. When configuring a new runtime through the Runtime Manager, HTTPie is no longer required for the quick setup script.

February 2021

Kong Gateway 2.3 support
Kong Konnect now supports Kong Gateway 2.3 runtimes. There is no upgrade path for existing runtimes.
To use Kong Gateway 2.3, re-provision a new runtime.
Advanced runtime configuration
You can now configure custom Kong Gateway data planes through the Runtime Manager and run gateway instances outside of Docker.
Logging plugins
The full set of Kong Gateway’s logging plugins is now available through Kong Konnect. This includes:
  • File Log
  • HTTP Log
  • Kafka Log
  • Loggly
  • StatsD
  • StatsD Advanced
  • Syslog
  • TCP Log
  • UDP Log
Portal authentication
You can now disable authentication on a Dev Portal, which exposes the Dev Portal publicly to anyone with the link. No one needs to register for Dev Portal access.
New application registrations aren’t available through a public-facing portal.
Kong Konnect (Konnect) is now generally available!

To get started with Konnect, see the Quickstart Guide.

For more information about Konnect, contact your Kong sales representative.

Thank you for your feedback.
Was this page useful?
Too much on your plate? close cta icon
More features, less infrastructure with Kong Konnect. 1M requests per month for free.
Try it for Free
  • Kong
    Powering the API world

    Increase developer productivity, security, and performance at scale with the unified platform for API management, service mesh, and ingress controller.

    • Products
      • Kong Konnect
      • Kong Gateway Enterprise
      • Kong Gateway
      • Kong Mesh
      • Kong Ingress Controller
      • Kong Insomnia
      • Product Updates
      • Get Started
    • Documentation
      • Kong Konnect Docs
      • Kong Gateway Docs
      • Kong Mesh Docs
      • Kong Insomnia Docs
      • Kong Konnect Plugin Hub
    • Open Source
      • Kong Gateway
      • Kuma
      • Insomnia
      • Kong Community
    • Company
      • About Kong
      • Customers
      • Careers
      • Press
      • Events
      • Contact
  • Terms• Privacy• Trust and Compliance
© Kong Inc. 2025