FEATURE RELEASE

Ambassador Edge Stack 1.4.2 Available

Multi-Domain Authentication Adds to the Most Sophisticated Authentication Feature Set Available with a Modern API Gateway

Today, we released the latest version of the Ambassador Edge Stack, which features multi-domain authentication and additional improvements.

Authentication is crucial for securing access to services by integrating with popular identity providers and declaring access control policies to restrict or provide access to specific services.

Ambassador Edge Stack has long provided:

• Single sign-on with OAuth/OIDC- Native support for configuring single sign-on with OAuth and OIDC authentication schemes
• Your choice of IdP- Choices include Auth0, KeyCloak, Okta, Azure AD, Google, Salesforce, OneLogin, and UAA
• Built-in Support for Authentication- Option to authenticate with username and password in the header with requests to simplify migration greatly
• Session Management- Option to specify session cookie expiration, RP- initiated logouts, etc
• JWT Validation- The JWT Filter validates JSON Web Tokens

Multi-domain Authentication

With 1.4.2, the Ambassador Edge Stack can now authenticate to multiple domains with one single sign-on, using OAuth2 and your choice of IdP. Rather than having to sign on to each new subdomain independently, a single authentication step can cover multiple domains (optionally including subdomains).

Prior to 1.4.2, multiple domains could be authenticated in the same cluster, but each domain would require a separate sign-on workflow. Multi-domain authentication makes this common use case much simpler for end-users and administrators.

Learn more here: https://www.getambassador.io/docs/latest/topics/using/filters/oauth2/

Additional Bug Fixes and Enhancements
The following additional fixes and enhancements apply to the Ambassador Edge Stack 1.4.2:

• Bugfix: The Traffic Agent binds to port 9900 by default. That port can be configured in the Agent’s Pod spec.
• Bugfix: The OAuth2 Filter redirection-endpoint now handles various XSRF errors more consistently (the way we meant it to in 1.2.1)
• Bugfix: The ACME client now obeys AMBASSADOR_ID

We typically include improvements specifically for the Ambassador API Gateway in each release. This point release only contains updates for the Ambassador Edge Stack.

Installing and Upgrading to 1.4.2

Installing and Upgrading to 1.4.2

To install the Ambassador Edge Stack, follow the quick start.

To upgrade from your current version of the Ambassador Edge Stack to 1.4.2, please follow the instructions here.

Get Started Today

The Ambassador Edge Stack is a complete superset of the open-source Ambassador API Gateway, with integrated support for rate limiting, authentication, filter management, and more. You can install the Ambassador Edge Stack in three simple steps. To get started, follow the quick start.

We’d love to hear about how the Ambassador Edge Stack is working for you. Share your comments below, join our Slack, or find us @ambassadorlabs on Twitter.