Security Assertion Markup Language (SAML) is an XML-based open standard that allows organizations to set up single sign-on (SSO) across multiple websites and applications. SAML 2.0 is the latest standard, and was ratified in March 2005, replacing SAML 1.1. We’ll refer to SAML as meaning SAML 2.0 for the remainder of this document. SAML is mostly used as a web-based authentication mechanism as it relies on using the browser to broker the authentication flow.

We’re excited to announce the general availability of Kong Enterprise 3.1. In Kong Enterprise 3.1, we build on the foundation of our plugin ecosystem by introducing five new plugins and enhancing the functionality of existing ones. These include: We’ll explore the ins and outs of each of these plugins below. But first let’s talk about why plugins are such an important part of Kong’s solutions.

We’re excited to announce new features in Kong Konnect that are designed to increase security and streamline API management. Read on to learn more about what’s new in Kong Konnect.

As an application developer, have you ever had to troubleshoot an issue that only happens in production? Bugs can occur when your application gets released into the wild, and they can be extremely difficult to debug when you cannot reproduce without production data. In this blog, I am going to show you how to safely send your production data to development applications deployed using a service mesh to help you better debug and build production proof releases.

Kong connects APIs and microservices natively within clouds, data centers, and Kubernetes platforms using intelligent automation. Built on an open source core, Kong’s solutions enable digital innovation by allowing organizations to reliably and securely manage the full lifecycle of APIs for legacy as well as modern architectures, including container runtimes and serverless technologies.

For the third consecutive year, we’re happy to announce that Kong has been recognized as a Leader in the Gartner Magic Quadrant for Full Life Cycle API Management and is positioned furthest to the right for Completeness of Vision. This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document.

Observability is a critical part of Kong’s API Gateway. In this post, we’ll describe two options to monitor Kong Gateway using Prometheus. Prometheus is an open source system monitor toolkit built at SoundCloud that is now widely adopted. StatsD was originally a simple daemon developed by Etsy to aggregate and summarize application metrics. Prometheus provides a StatsD exporter to collect metrics that are sent in StatsD format.

Today we’re excited to announce the release of Kong Mesh and Kuma 2.0. With this new major release, we’re announcing the first availability of our next-generation policies, in addition to new eBPF capabilities. 2.0 is also significant as we have unified the version scheme between Kong Mesh and Kuma. Previously, Kuma versions had an n-1 version naming convention when compared with Kong Mesh.

As a Solutions Engineer here at Kong, one question that frequently comes across my desk is “how can I transform a Kong logging plugin message into a format that my insert-observability-stack-here understands, i.e. ELK, Loki, Splunk, etc.?” In this blog, I’m going to show you how to easily accomplish converting a Kong logging payload to the Elastic Common Schema. In order to accomplish this task, we’re going to be running Kong Gateway in Kubernetes and using two Kong plugins.

A common use case that is frequently requested is how to dynamically route requests based on authentication attributes. An example of this technique is routing requests to relevant upstream services based on claims contained in a JWT token. Admins would like all their clients to go to the same URI as it makes the implementation easier. But behind the scenes they might need to tailor specific configuration/applications for them, hence routing their request based on their identity.