Updated the route for Operations Anomalies fromapigee/analytics/operations-anomalies toapigee/aapi-ops/operations-anomalies.

On February 13, 2026, we released an updated version of the Apigee UI.

On February 13, 2026, we published a security bulletin for Apigee.

A vulnerability was identified in the Apigee platform (CVE-2025-13292) that could have allowed a malicious actor with administrative or developer-level permissions in their own Apigee environment to elevate privileges and access cross-tenant data.

Security bulletin published:GCP-2026-010

Apply this hotfix with the following steps:

For usage information, seeConfigure multiple condition types in the documentation.

On February 3, 2026 we released an updated version of Advanced API Securitysecurity actions

Known Issue:480997525 - Proxy calls fail withThe URI contains illegal characters error after Netty upgrade

Show all rows in the Debug properties panel

Fixed an issue where only the first 50 rows were displayed in the Debugproperties panel, including the variables tab. The Debug properties table nowdisplays up to 200 rows per page by default. Pagination controls are displayedif the total number of rows exceeds 200.

On January 27, 2026, we released an updated version of the Apigee UI.

On January 21st, 2026, we released an updated version of Apigee (1-17-0-apigee-1).

As of January 20, 2026, Debug v1 has been turned down and is no longeravailable. Please useDebug v2(now referred to as Debug) for debugging API proxies.

Ingest API Gateway metadata into API hub

API hub now supports automatic metadata ingestion fromGoogle Cloud API Gateway. You can nowattach your API Gateway projects to API hub to enable auto-ingestion for all your APIs. For more information seeCentralize API management using API hub.

For usage information, seeExclude traffic from abuse detectionandUse Terraform in Apigeein the Apigee documentation and the Terraform abuse detection feedback (exclusion lists) instructions.

On January 12, 2026, we released an updated version of the Apigee UI.

Manage environment-level resources in the Apigee UI

You can now manage environment-level resources using the Apigee UI.Previously, environment-level resources could only be managed using the API.For more information, seeManaging resources.

On January 7, 2026, we released an updated version of Apigee.

The Apigee Operator for Kubernetes version 1.1.1 is now available.

On December 29th, 2025, we released an updated version of Apigee.

Apigee Extension Processor customers can now use the Extension Processor provisioning API to create traffic extensions.For more information, seeGet started with the Apigee Extension Processor

On December 23, 2025, we released an updated version of Apigee.

• LLMTokenQuota policy
  • This policy monitors and enforces limits onLLM response token usage to control overall LLM expenditure and resource allocation.
  • It can be configured with<CountOnly> (placed in the response flow to track tokens consumed) or<EnforceOnly> (placed in the request flow to block calls if the quota is exceeded).
  • If the quota is reached, Apigee returns anHTTP 429 (Too Many Requests) status code.
  • For more information, seeLLMTokenQuota Policy.
• PromptTokenLimit policy
  • This policy provides a token-based rate-limiting mechanism analogous to the SpikeArrest policy, specifically for the tokens consumed by the user's prompt message.
  • It calculates the prompt's token count using the widely adoptedo200k_base encoding technique.
  • If the configured token rate limit is exceeded, the incoming request is blocked, returning anHTTP 429 (Too Many Requests) status code.
  • For more information, seePromptTokenLimit policy.

Related documents:

• Get started with Apigee AI token policies
• Rate-limiting
• Comparing rate-limiting policies
• Managing API products
• LLMTokenQuota policy
• PromptTokenLimit policy

On December 19, 2025, we released an updated version of Apigee Monetization.

For more information, seeUse AppGroups to manage API product subscriptions.

On December 19, 2025, we released an updated version of Apigee Monetization.

For more information, seeUse AppGroups to manage API product subscriptions.

UDCA component removed

In Apigee hybrid v1.16, the Unified Data Collection Agent (UDCA) component has been removed. The responsibilities of sending analytics, trace, and deployment status data to the Apigee control plane are now handled using aGoogle Cloud Pub/Sub based data pipeline. Using the Pub/Sub based data pipeline has been the default data collection mechanism sinceApigee hybrid v1.14.0.

apigee-guardrails service account

In v1.16.0, Apigee Hybrid introduces anapigee-guardrails Google IAM service account. This is used by theapigee-operator chart during initial installation to check that all needed APIs are enabled in your project.

See:

• Diagnosing issues with guardrails
• About service accounts:apigee-guardrails
• create-service-account
• Upgrading to Apigee hybrid to version 1.16
• Installation Part 2: Step 4: Create service accounts
• Installation Part 2: Step 5: Set up service account authentication

Support for cert-manager release 1.18 and 1.19

Apigee hybrid v1.16 supports cert-manager release 1.18 and 1.19.

Fixed in this release

hybrid v1.16.0

On December 19, 2025 we released an updated version of the Apigee hybrid software, 1.16.0.

• For information on upgrading, seeUpgrading Apigee hybrid to version v1.16.
• For information on new installations, seeThe big picture.

Fixed in this release

Seccomp Profiles

Apigee Hybrid now offers the capability to apply Seccomp Profiles to your runtime components, significantly enhancing the security posture of your deployment.

This feature allows Apigee administrators and security teams to restrict the system calls (syscalls) a containerized process can make to the host's kernel. By limiting a container to only the necessary syscalls, you can:

• Enhance Security: Mitigate the risk of container breakouts and privilege escalation.
• Enforce Least Privilege: Ensure components only have access to the exact system calls required for their operation.
• Meet Compliance: Provide a critical control for meeting stringent security compliance requirements.

Seccomp profiles are not enabled by default. To enable the feature, seeConfigure Seccomp profiles for pod security.

Fixed since last minor release

Fixed since last minor release

Advanced API Security for multi-gateway projects

Apigee Advanced API Security can now centrally manage and govern the security posture of your APIs across multiple Apigee projects, environments, and gateways. This enhancement leverages API hub to provide a single, unified view of your API security, helping you to identify risks and enforce standards consistently across your entire organization.

This enhancement introduces the following key capabilities:

• Unified risk assessment: view and manage security scores for all your APIs in a centralized dashboard, regardless of which project, environment, or gateway they are deployed in.
• Customizable security profiles: create and manage custom security profiles and apply them consistently across your multi-gateway landscape.

Supported gateways:

• Apigee X
• Apigee hybrid
• Apigee Edge Public Cloud

To enable this feature, navigate to theAdd-on management page in API hub and enable theApigee Advanced API Security add-on.

Advanced API Security currently has limited support for VPC Service Controls (VPC-SC). To avoid potential feature limitations, we recommend enabling this add-on for API hub instances associated with Apigee organizations that don't have VPC-SC enabled.

For more information, seeAdvanced API Security for multiple Apigee organizations and gateways.

Announcing thegeneral availabilityof Risk Assessment v2 and support for assessments using the VerifyIAM policy andthese three AI policies: SanitizeUserPrompt, SanitizeModelResponse, andSemanticCacheLookup.

Note: The Risk Assessment v2 monitoring conditions feature remains in preview.

For usage information, seeRisk Assessment overview and UI in the documentation.

On December 17, 2025 we released an updated version of Advanced API SecurityRisk Assessment

Note: Rollouts of this release to production instances will begin within twobusiness days and may take four or more business days to complete across allGoogle Cloud zones. Your instances may not have the feature available until therollout is complete.

New risk assessment type field when creating or updating a risk assessment version 2 custom security profile

The API for creating and updating a version 2 risk assessment custom securityprofile now includes arisk_assessment_type field to specifywhether the custom security profile applies to an Apigee/Apigee hybrid instanceor to API hub multi-gateway.

This field is optional and defaults toAPIGEE; this is not abreaking change for existing risk assessment users.

SeeREST Resource: organizations.securityProfilesV2 for information on the new functionality.

On December 17, 2025 we released a new version of the Apigee integrated portal.

Incorrect Cross-Origin-Opener-Policy header in developer portal

A fix has been implemented to address an issue where theCross-Origin-Opener-Policy response header in the developer portal wasmalformed with an extra colon. This change ensures the security header iscorrectly formatted.

On December 17, 2025, we announced that Debug v1 will be shutdown onJanuary 15, 2026. UseDebug v2instead of Debug v1.

On December 17, 2025 we released a new version of the Apigee integrated portal.

Incorrect Cross-Origin-Opener-Policy header in developer portal

A fix has been implemented to address an issue where theCross-Origin-Opener-Policy response header in the developer portal wasmalformed with an extra colon. This change ensures the security header iscorrectly formatted.

New API card view

A new card view is now available for APIs in API hub. This view provides a more visual and comprehensive way to browse, edit, and manage your APIs, complementing the existing list view.

The card view highlights key information for each API, such as the owner, last modified date, target users, gateway, API style, and business unit, to enhance discoverability and provide a richer at-a-glance overview of your API landscape.

You can switch between the list and card views from theAPI hub > APIs page.

Model Context Protocol (MCP) support in API hub

API hub now supports the Model Context Protocol (MCP) as a first-class API style. This enables you to ingest, register, and manage MCP APIs and their associated tools.

Key capabilities include:

• MCP API registration: Register MCP APIs manually or via API hub APIs to create a single registry for your agentic services.
• MCP tools: Attach MCP specification files to your APIs. API hub parses these files to automatically extract and display the MCP tools in the UI.

For more information, seeAPI resources overview,Register MCP APIs, andManage MCP tools.

• You can now find and configure add-on services like Specification Linter and Semantic Search under the new unifiedAdd-on Management page, alongside other API hub add-ons.
• The deprovisioning function is now moved to a dedicated top-level tab calledDeprovision.

New add-on management page in API hub

A newAdd-on Management page is now available in API hub. This page serves as a centralized location to enable, configure, and manage all your add-on services.

For more information, seeManage add-ons.

Mask KVM values

You can now turn on key value map (KVM) masking to mask values with asterisks (*****).For more information, seeAbout KVM masking.

New API deployments view

API deployment information is now available as a separate tab in theAPI details page. You can view your API deployment details, create new deployments, and manage existing deployments using the API deployments tab.

For more information, seeManage deployments.

The issue relating toAPI hub provisioning failures in data residency enabled Apigee organizations is now resolved. You can now provision API hub within an Apigee organization that has data residency enabled.

For information about provisioning API hub, seeProvision API hub in the Cloud console.

New tutorial: Ingest Microsoft Azure API data into API hub

A new tutorial is available for ingesting Microsoft Azure API data into API hub.

This tutorial shows you how to ingest API metadata from Azure API Management (APIM) into Apigee API hub. It uses a pre-built Application Integration template and a set of custom scripts on GitHub to perform a manual, on-demand ingestion of your API data.

For more information, seeIngest Microsoft Azure API data into API hub.

On November 17, 2025 we released an updated version of Apigee Analytics.

Support for aggregate data in Error Code Analysis, Cache Performance, and Target Performance charts

Announcing support for viewing aggregate data in the Error Code Analysis, CachePerformance, and Target Performance Analytics dashboards.

For information on the Analytics dashboards, seeUse the Analytics dashboards.

On November 17, 2025, we released an updated version of the Apigee UI.

On November 17, 2025 we released an updated version of Apigee Analytics.

Support for aggregate data in Error Code Analysis, Cache Performance, and Target Performance charts

Announcing support for viewing aggregate data in the Error Code Analysis, CachePerformance, and Target Performance Analytics dashboards.

For information on the Analytics dashboards, seeUse the Analytics dashboards.

On November 17, 2025, we released an updated version of Apigee (1-16-0-apigee-5).

Secure and validate documents using WS-Security with X.509 certificates

You can now secure and validate SOAP documents using WS-Security with X.509 certificates using crypto object methods. SeeSecure SOAP documents using WS-Security with X.509 certificates andValidate SOAP documents using WS-Security with X.509 certificates.

New field available in the Apigee Organization API

With this release, a new field is added to theApigee Organization API. The newcaCertificates (plural) field returns the value of the original CA certificate field and can hold additional values. The originalcaCertificate (singular) field is deprecated.

On November 12, 2025, we released an updated version of the Apigee UI.

On November 10, 2025 we released an updated version of Apigee.

Support for new Apigee Analytics regions

This release introduces Apigee Analytics support for these new regions:Hong Kong (asia-east2) and São Paulo (southamerica-east1).

NOTE: Apigee Advanced API Security does not support these new regions at thistime.

For a list of all of the supported Analytics regions, seeAvailable Apigee API Analytics regions.

On November 10, 2025 we released an updated version of Apigee.

Support for new Apigee Analytics regions

This release introduces Apigee Analytics support for these new regions:Hong Kong (asia-east2) and São Paulo (southamerica-east1).

NOTE: Apigee Advanced API Security does not support these new regions at thistime.

For a list of all of the supported Analytics regions, seeAvailable Apigee API Analytics regions.

Filter APIs by user-defined attributes

You can now filter APIs using your custom, user-defined attributes from theAPIs page in the Google Cloud console.

For more information, seeFilter resources based on attributes.

API hub provisioning fails in data residency enabled Apigee organizations

Currently, API hub can't be provisioned within an Apigee organization that has data residency enabled. Attempts to provision API hub in a data residency-enabled Apigee organization will result in a timeout error.

Workaround: There is no workaround available at this time. If your existing Apigee organization has data residency enabled, you will not be able to provision API hub until this limitation is resolved in a future release.

On November 2, 2025, we released an updated version of the Apigee UI.

The Apigee Classic UI shutdown is complete. The shutdown was finalized on November 2, 2025, completing the migration of Apigee to the Google Cloud console. All Apigee functionality is now available in the Apigee UI in the Google Cloud console.

See the Apigee Classic UI shutdown page for more details.

On October 31, 2025, we released an updated version of Apigee (1-16-0-apigee-4).

You can now set quotas at the API product level to limit the number of requestsall API proxies in the API product can process within a specified time frame.SeeConfiguring the quota policy to use API product quota settingsfor information and instructions.

NOTE: API product-scoped quotas are not supported in Apigee hybrid at this time.

On October 29, 2025, we released an updated version of Apigee.

API insights in API hub

API insights is now available in API hub, providing a unified view of your API traffic and performance across all connected gateways. With API insights, you can gain a holistic understanding of your API ecosystem's health and quickly identify areas for optimization.

Currently, API insights supports data sources from Apigee, Apigee hybrid, Apigee Edge Public Cloud, and Apigee Edge Private Cloud (OPDK).

For more information, seeAPI insights overview.

Detailed API resource insights

A newInsights tab is now available on the API details page, providing API-centric analytics to help you understand usage patterns and performance for each of your APIs.

You can now analyze key metrics such as total traffic, average TPS, request/response latencies, and more, directly from the API details page.

For more information, seeView API resource insights.

Introduction of thetarget.evaluated.url flow variable

This release includes a new flow variable,target.evaluated.url,which should be used instead of thetarget.url flow variable incases when the URL is dynamically constructed based on user input.

For more information, see thetarget flow variablesdocumentation.

On October 27, 2025, we released an updated version of Apigee.

Create and manage API operations in the UI

You can now create and manage API operations for your API versions from theAPI details page in the Google Cloud console.

For more information, seeManage operations.

On October 16, 2025, we released an updated version of Apigee (1-16-0-apigee-3).

For more information, seeSystem attributes.

Removal of deprecated Gemini Code Assist@Apigee tool.

The Gemini Code Assist@Apigee tool is shut down as of October 14, 2025.

SeeGemini Code Assist @Apigee tool deprecation for information.

Recurring, top-up, and setup fees for Apigee hybrid monetization

Apigee hybrid now supports recurring, top-up, and setup fees for monetization. For information seeEnabling monetization for Apigee hybrid.

hybrid v1.15.1

On October 10, 2025 we released an updated version of the Apigee hybrid software, 1.15.1.

• For information on upgrading, seeUpgrading Apigee hybrid to version 1.15.
• For information on new installations, seeThe big picture.

Apigee policies for LLM/GenAI workloads

Apigee hybrid now supports the following Apigee policies with support for LLM/GenAI workloads.

• SemanticCacheLookup policy
• SemanticCachePopulate policy
• SanitizeUserPrompt
• SanitizeModelResponse

The Apigee semantic caching policies enable intelligent response reuse based on semantic similarity. Using these policies in your Apigee API proxies can minimize redundant backend API calls, reduce latency, and lower operational costs. With this release, the semantic caching policies support URL templating, enabling the use of variables for AI model endpoint values.

The Model Armor policies protect your AI applications by sanitizing user prompts to and responses from large language models (LLMs). Using these policies in your Apigee API proxies can mitigate the risks associated with LLM usage by leveraging Model Armor to detect prompt injection, prevent jailbreak attacks, apply responsible AI filters, filter malicious URLs, and protect sensitive data.

• Get started with semantic caching policies
• Get started with Apigee Model Armor policies

Documentation change

The following documents have been changed or introduced to align the Apigee hybrid installation guides with the supported methods for service account authentication:

• Service account authentication methods in Apigee hybrid - A new overview topic for service account authentication.
• Storing service account keys in Kubernetes secrets - A new topic.
• Step 4: Create service accounts - Rewritten to accommodate all supported methods of service account authentication.
• Step 5: Set up service account authentication - A new topic on configuring authentication after creating service accounts.
• Step 7: Create the overrides andStep 11: Install Apigee hybrid Using Helm - Topics revised to provide templates, examples, and procedures for each supported type of service account authentication.
• Step 11(Optional): Configure Workload Identity - Topic removed. The procedures are included inStep 11: Install Apigee hybrid Using Helm: WIF for GKE

Deprecation of the Gemini Code Assist@Apigee tool.

The Gemini Code Assist@Apigee tool is deprecated and will be shut down as of October 14, 2025.

SeeGemini Code Assist @Apigee tool deprecation for information.

On October 7, 2025, we released an updated version of the Apigee UI.

Output from print statements is now displayed in the Debug session viewer

A new option has been added to the transaction navigation table header in the Debug session viewer that opens theTransaction output window. TheTransaction output window displaysprint() output from eitherall transactions in the debug session, or aspecific transaction from the session. SeeCreating a debug session for details.

Previously unreported customer DNS misconfigurations now result in DNS errors

Apigee removed the automatic DNS fallback functionality that was in 1-16-0-apigee-2. This removal surfaces customer DNS misconfigurations that previously did not show as DNS errors.

SeeKnown Issue 445936920.

hybrid v1.14.3

On October 7, 2025 we released an enhancement to Apigee hybrid version 1.14.3, recurring, top-up, and setup fees for Apigee hybrid monetization.

• For complete information on the contents of the v1.14.3 release, seeApigee hybrid v1.14.3 release notes.

Recurring, top-up, and setup fees for Apigee hybrid monetization

Apigee hybrid now supports recurring, top-up, and setup fees for monetization. For information seeEnabling monetization for Apigee hybrid.

On October 2, 2025 we released an updated version of Advanced API Security Abuse Detection

Note: Rollouts of this release to production instances will begin within two business days and may take four or more business days to complete across all Google Cloud zones. Your instances may not have the feature available until the rollout is complete.

Introduction of exclusion lists for Abuse Detection and incidents

You can now specify CIDR ranges and IP addresses to exclude from future incident reports. Use this feature to exclude traffic known to be safe, such as requests related to automated testing.

The new functionality includes the ability to create and manage multiple "exclusion lists" which define traffic to exclude and the reasons it is excluded.

Note: Exclusion lists are not available for VPC-SC customers at this time.

For usage information, seeExclude traffic from abuse detection in the documentation.

hybrid v1.14.3

On September 29, 2025 we released an updated version of the Apigee hybrid software, 1.14.3.

• For information on upgrading, seeUpgrading Apigee hybrid to version 1.14.
• For information on new installations, seeThe big picture.

On September 24, 2025, we released an updated version of Apigee.

ApigeeBackendService for the Apigee Operator for Kubernetes (GA)

The ApigeeBackendService resource for the Apigee Operator for Kubernetes isGenerally Available (GA).

This new resource enables the integration of the Apigee Operator for Kubernetes with theGoogle Kubernetes Engine (GKE) Inference Gateway. The GKE Inference Gateway is an extension to the GKE Gateway that provides optimized routing and load balancing for serving generative Artificial Intelligence (AI) workloads. It simplifies the deployment, management, and observability of AI inference workloads.

With this new integration, GKE Inference Gateway users can now leverage Apigee's full suite of features to manage, govern and monetize their AI workload through APIs.

To learn more, seeCreate an ApigeeBackendService.

Apigee Operator for Kubernetes for Apigee Hybrid (Preview)

On September 24, 2025 we released the Apigee Operator for Kubernetes for Apigee Hybrid 1.15.0 and newer.

The Apigee Operator for Kubernetes allows you to perform API management tasks, such as defining API products and operations, using Kubernetes tools. This preview release allows you to integrate this capability with your Apigee hybrid (v1.15.0 or newer) installation.

For more information, see:

• Apigee Operator for Kubernetes overview
• Install the Apigee Operator for Kubernetes for Apigee hybrid

On September 19, 2025 we released an updated version of Advanced API Security

Note: Rollouts of this release to production instances will begin within two business days and may take four or more business days to complete across all Google Cloud zones. Your instances may not have the feature available until the rollout is complete.

New security actions status icons and "expired" note in the security actions UI

This release adds security status icons to the Apigee UI to make it easier to see, at a glance, whether a security action is enabled, disabled, or paused, and an "expired" note when an action is expired.

The status icons display next to the action's status in the security actions list and in the security action details page.

For information on security actions and security action statuses, see theSecurity Actions customer documentation.

On September 19, 2025, we released an updated version of the Apigee UI.

On September 18, 2025 we released an updated version of Advanced API Security

Note: Rollouts of this release to production instances will begin within two business days and may take four or more business days to complete across all Google Cloud zones. Your instances may not have the feature available until the rollout is complete.

Improvements to the Abuse Detection incident model

This release includes improvements to the incident model, including lower noise and higher accuracy for abuse detection incidents.

Note: This feature is not currently available to customers with VPC-SC enabled.

For information on abuse detection incidents, see theAbuse Detection customer documentation.

On September 14, 2025, we released an updated version of the Apigee UI.

Added icon to proxy and sharedflow editor to mark unused policies

If a policy has yet to beattached to any flow in the configuration, an icon now displays next to that policy in the Proxy Editor side navigation to signify that the policy is currently unused in the proxy or sharedflow.

On September 12, 2025, we released an updated version of Apigee (1-16-0-apigee-2).

Updated Go client library. For more information, seeapihub: v0.2.0.

API hub navigation update

TheAPI hub section is now moved to the top level of the Apigee left navigation menu. This change improves discoverability and access to the API hub features.

API hub navigation update

TheAPI hub section is now moved to the top level of the Apigee left navigation menu. This change improves discoverability and access to the API hub features.

On September 9, 2025, we released an updated version of Apigee (1-16-0-apigee-1).

For more information, seeAuto-discovery of OpenAPI specs from Apigee proxies.

Deprecation of Vertex AI Extensions in API hub

The Vertex AI Extensions feature is no longer supported in API hub as ofSeptember 8, 2025.

Enable and disable semantic search

You can now enable and disable semantic search from theAPI hub > Settings> Actions page in the Google Cloud console.

For more information, seeEnable and disable semantic search.

On September 8, 2025 we released a new version of the Apigee integrated portal.

Workforce Identity Federation users can now manage Integrated Portals using the Apigee Cloud console. This previous limitation has been removed fromAccessing features only available in the Classic Apigee UI.

On September 8, 2025 we released a new version of the Apigee integrated portal.

Workforce Identity Federation users can now manage Integrated Portals using the Apigee Cloud console. This previous limitation has been removed fromAccessing features only available in the Classic Apigee UI.

Apigee policies for LLM/GenAI workloads are Generally Available (GA)

Four new Apigee policies supporting LLM/GenAI workloads are nowGA:

• SemanticCacheLookup policy
• SemanticCachePopulate policy
• SanitizeUserPrompt
• SanitizeModelResponse

The Apigee semantic caching policies enable intelligent response reuse based on semantic similarity. Using these policies in your Apigee API proxies can minimize redundant backend API calls, reduce latency, and lower operational costs. With this release, the semantic caching policies support URL templating, enabling the use of variables for AI model endpoint values.

The Model Armor policies protect your AI applications by sanitizing user prompts to and responses from large language models (LLMs). Using these policies in your Apigee API proxies can mitigate the risks associated with LLM usage by leveraging Model Armor to detect prompt injection, prevent jailbreak attacks, apply responsible AI filters, filter malicious URLs, and protect sensitive data.

For more information on using these policies in your Apigee API proxies, see:

• Get started with semantic caching policies
• Get started with Apigee Model Armor policies

On September 4, 2025, we released an updated version of Apigee.

On September 3, 2025, we released an updated version of Apigee.

Apigee Server-Sent Events (SSE) and EventFlows are supported for use with the Apigee Extension Processor.

The Apigee SSE feature enables continuous response streaming from server-sent event (SSE) endpoints to clients in real time. To learn more about this feature, seeStreaming server-sent events.

The Apigee Extension Processor is atraffic extension that lets you use Cloud Load Balancing to send callouts from the data processing path of the application load balancer to the Apigee Extension Processor. To learn more, see theApigee Extension Processor overview.

New API versions view

API version information is now available as a separate tab in theAPI details page. You can view your API version details, copy API ID, create new API versions and more using the API versions tab.

For more information, seeManage versions.

On August 27, 2025, we released an updated version of Apigee (1-15-0-apigee-9).

Added a column to theApps table to show the App display name separate from the App name. TheApp name column will no longer show the display name if one is set. Instead the display name will appear in the newDisplay name column. You can also now filter by theApp name andDisplay name independently.

On August 25, 2025 we released an updated version of Advanced API Security

Note: Rollouts of this release to production instances will begin within two business days and may take four or more business days to complete across all Google Cloud zones. Your instances may not have the feature available until the rollout is complete.

Additional details and explanations for incidents and traffic identified as anomalous in Abuse Detection Advanced Anomaly Detection

Starting with this release, additional details are available for anomalies detected in incidents and detected traffic, including details on why traffic was flagged as anomalous, the days and times it triggered, time series charts showing anomalous traffic spikes, and direct links to the Google Cloud Logging for events.

See theAbuse detection "Details view" for more information.

On August 25, 2025 we released a new version of the Apigee integrated portal.

This release includes general improvements to performance and availability.

On August 25, 2025 we released a new version of the Apigee integrated portal.

This release includes general improvements to performance and availability.

Create and delete custom plugins in the UI

You can now create and delete custom plugins from theAPI hub > Settings > Plugins page in the Google Cloud console.

For more information, seeCreate custom plugins andManage custom plugins.

Deprovision API hub in the UI

You can now deprovision an API hub instance from theAPI hub > Settings > Actions page in the Google Cloud console.

For more information, seeDeprovision Apigee API hub.

On August 20, 2025, we released an updated version of the Apigee UI.

Added Name column to API Products table

Added a column to theAPI Products table to display the product name. You can now filter and sort by the product name. The link to the API product detail page is now in theName column instead of theDisplay Name column.

API observations in API hub (Preview)

API observations in API hub helps you tackle the challenges of undocumented and unmanaged APIs in your API infrastructure. It leverages Apigeeshadow API discovery and uses automated discovery processes to bring all your APIs,across Google Cloud projects, into a unified, managed view.

For more information, seeAPI observations in API hub.

A new column has been added to thetransactions table in the Debug view that specifies the path that was used by the transaction to call the proxy.

On August 11, 2025 we released an updated version of Advanced API Security Abuse Detection

For usage information, see theAbuse Detection incident detail documentation.

On August 6, 2025 we released an updated version of Advanced API Security

Note: Rollouts of this release to production instances will begin within two business days and may take four or more business days to complete across all Google Cloud zones. Your instances may not have the feature available until the rollout is complete.

Availability of Shadow API Discovery for APIs in any Google Cloud project

Using Shadow API Discovery, you can find undocumented/shadow APIs in your existing cloud infrastructure. Shadow APIs pose a security risk to your system, since they might be unsecured, unmonitored, and unmaintained.

With this release, you can configure and run API observation jobs in any Google Cloud project, without needing to provision Apigee in that project. You can also centrally view the results of API observation jobs and compare discovered API endpoints and operations to APIs cataloged in API hub to identify shadow APIs.

See theShadow API Discovery overview for information on Shadow API Discovery and how to add it to projects.

On August 4, 2025 we announced new functionality in Advanced API Security Abuse Detection.

Terraform support for configuring Advanced API Security

We have expanded our Terraform support for Advanced API Security, enabling you to automate the management of your security posture. You can now use Terraform to manage add-on enablement forSubscription andPAYG environments, createRisk Assessment security profiles andmonitoring conditions,configure IP address resolution, andcreate security actions.

For information, seeConfigure Advanced API Security using Terraform.

On August 4, 2025, we released an updated version of Apigee (1-15-0-apigee-8).

Server-sent events and EventFlows areGenerally Available (GA)

Apigee supports continuous response streaming from server-sent event (SSE) endpoints to clients in real time. The Apigee SSE feature is useful for handling large language model (LLM) APIs that operate most effectively by streaming their responses back to the client. SSE streaming reduces latency, and clients can receive response data as soon as it is generated by an LLM. This feature supports the use of AI agents that operate in real time environments, such as customer service bots or workflow orchestrators. For more information, seeStreaming server-sent events.

Streaming from SSE endpoints is available in Apigee and in Apigee hybrid v1.15.0 and newer.

New data source support for plugins

API hub now supports importing API metadata through new dedicated plugins for the following data sources:

1. Apigee Edge Public Cloud
2. Apigee Edge Private Cloud (OPDK)

For more information, seePlugins overview.

Push-based plugin ingestion

API hub now supports push-based plugin ingestion. This method allows for more real-time synchronization of API metadata. All newApigee, Apigee hybrid, Apigee Edge Public Cloud, and Apigee Edge Private Cloud (OPDK) plugins are created with push-based ingestion by default.

For more information, seePlugin data ingestion methods.

For more information, seeCreate custom plugins.

Default Apigee plugin instance not auto-created during runtime attachment

Issue: When provisioning API hub as part of Apigee provisioning, the defaultApigee X and hybrid plugin instance is not automatically created. This prevents API proxies from being auto-registered.

Workaround: You can manually attach an Apigee runtime instance and import the Apigee assets. SeeAttach a runtime project.

Delete plugin instance changes

API hub no longer retains any ingested metadata from a plugin after its deletion. Deleting a plugin instance also permanently deletes all the associated API data from API hub.

For more information, seeDelete a plugin instance.

Provisioning changes and Apigee API proxy registration

API hub changed how it registers API proxies from Apigee and how it creates default plugin instances during provisioning.

API hub now automatically creates a defaultApigee X and hybrid plugin instance and auto-registers API proxies only when you provision it as part of Apigee provisioning.

If you provision API hub directly from the API hub UI, API hub does not automatically create a default plugin instance, nor does it auto-register proxies.

For more information, seeProject attachments and plugins.

New tutorial: Enrich API data in API hub

A new tutorial is available for enriching API data in Apigee API hub.

It shows you how to use API hub's custom curation features to automatically fetch OpenAPI specifications from a Cloud Storage bucket and associate them with their corresponding Apigee API proxies. The custom curation logic is defined using an integration in Application Integration.

For more information, seeEnrich API data with custom curation in API hub.

Deprecation of Apigee proxy deployment attributes

As ofJuly 31st, 2025, theApigee X and Hybrid Environment andApigee X and Hybrid Organization attributes will no longer be added to new Apigee proxy deployments. This change specifically applies when you import deployments into API hub by attaching a runtime project.

If your existing projects use these attributes in filtered search queries, we recommend updating them. To ensure your searches continue to work, use theSource project andSource environment fields as alternatives.

Deprecation of pull-based ingestion for Apigee plugins

Pull-based ingestion is no longer supported forApigee and Apigee hybrid plugins as ofJuly 31, 2025. For existing projects that have pull-based Apigee X and hybrid plugins configured, these plugins will continue to function and will be automatically migrated to the push-based type startingAugust 2025.

On July 30, 2025 we began redirecting the following Apigee Classic UI navigation items to Apigee UI in the Google Cloud console:

• Develop > API Proxies
• Develop > Shared Flows
• Develop > Offline Debug

SeeApigee UI in Cloud console navigation for a mapping of each Classic Apigee UI feature page to its location in the Apigee UI in Cloud console.

SeeApigee Classic UI shutdown for details on shutdown dates.

If you require more time to transition to the Google Cloud console, submit theexception request form by Aug 15, 2025.

On July 30, 2025 we began redirecting the following Apigee Classic UI navigation items to Apigee UI in the Google Cloud console:

• Develop > API Proxies
• Develop > Shared Flows
• Develop > Offline Debug

SeeApigee UI in Cloud console navigation for a mapping of each Classic Apigee UI feature page to its location in the Apigee UI in Cloud console.

SeeApigee Classic UI shutdown for details on shutdown dates.

If you require more time to transition to the Google Cloud console, submit theexception request form by Aug 15, 2025.

On July 29, 2025 we removed theSwitch to Classic option from the following Apigee UI in the Google Cloud console pages:

• API Proxy
• Shared Flow
• Offline Debug detail

This is part of the Apigee Classic UI shutdown plan.

SeeApigee UI in Cloud console navigation for a mapping of each Classic Apigee UI feature page to its location in the Apigee UI in Cloud console.

SeeApigee Classic UI shutdown for details on shutdown dates.

If you require more time to transition to the Google Cloud console, submit theexception request form by Aug 15, 2025.

On July 28, 2025, we released an updated version of Apigee (1-15-0-apigee-7).

Server-sent events and EventFlows areGenerally Available (GA)

Apigee supports continuous response streaming from server-sent event (SSE) endpoints to clients in real time. The Apigee SSE feature is useful for handling large language model (LLM) APIs that operate most effectively by streaming their responses back to the client. SSE streaming reduces latency, and clients can receive response data as soon as it is generated by an LLM. This feature supports the use of AI agents that operate in real time environments, such as customer service bots or workflow orchestrators. For more information, seeStreaming server-sent events.

Streaming from SSE endpoints is available in Apigee and in Apigee hybrid v1.15.0 and newer.

On July 24, 2025 we began redirecting the following Apigee Classic UI navigation items to Apigee UI in the Google Cloud console:

• Publish > Portals

SeeApigee UI in Cloud console navigation for a mapping of each Classic Apigee UI feature page to its location in the Apigee UI in Cloud console.

SeeApigee Classic UI shutdown for details on shutdown dates.

If you require more time to transition to the Google Cloud console, submit theexception request form by Aug 15, 2025.

On July 24, 2025 we began redirecting the following Apigee Classic UI navigation items to Apigee UI in the Google Cloud console:

• Publish > Portals

SeeApigee UI in Cloud console navigation for a mapping of each Classic Apigee UI feature page to its location in the Apigee UI in Cloud console.

SeeApigee Classic UI shutdown for details on shutdown dates.

If you require more time to transition to the Google Cloud console, submit theexception request form by Aug 15, 2025.

On July 24, 2025 we began redirecting the following Apigee Classic UI navigation items to Apigee UI in the Google Cloud console:

• Publish > Portals

SeeApigee UI in Cloud console navigation for a mapping of each Classic Apigee UI feature page to its location in the Apigee UI in Cloud console.

SeeApigee Classic UI shutdown for details on shutdown dates.

If you require more time to transition to the Google Cloud console, submit theexception request form by Aug 15, 2025.

On July 24, 2025 we began redirecting the following Apigee Classic UI navigation items to Apigee UI in the Google Cloud console:

• Publish > Portals

SeeApigee UI in Cloud console navigation for a mapping of each Classic Apigee UI feature page to its location in the Apigee UI in Cloud console.

SeeApigee Classic UI shutdown for details on shutdown dates.

If you require more time to transition to the Google Cloud console, submit theexception request form by Aug 15, 2025.

API hub provisioning now enables Apigee API

When you provision API hub, it now enables the Apigee API (apigee.googleapis.com) in your Google Cloud project. If Apigee isn't already provisioned, an Apigee organization is also automatically created in your project as part of the provisioning process.

API hub remains a free service. Enabling the Apigee API has no additional pricing or billing implications for your project.

For more information, seeProvision API hub in the Cloud console.

VPC Service Controls (VPC-SC) is GA

VPC Service Controls in API hub is nowGA.

For more information, seeVPC Service Controls for API hub.

API hub deprovisioning changes

Deprovisioning an API hub instance now also deletes any associated Apigee organizations from your Google Cloud project, provided those Apigee organizations have no Apigee instances.

If you deprovision an API hub instance, you can reprovision it later, but you'll need to wait 7 days before you can do so.

For more information, seeDeprovision Apigee API hub.

Apigee and hybrid plugin instance management

You can now create and delete plugin instances for Apigee and Apigee Hybrid while associating the respective Apigee runtime projects to API hub.

For more information, seeAuto-register Apigee proxies.

Apigee and Apigee hybrid plugin creation now requires source project ID

When creating new instances of theApigee X and hybrid plugin, you must now provide a source project ID. This source project ID is the Google Cloud project from which the plugin will import data.

This is a breaking change and will affect any existing API calls that create these plugins without explicitly providing this ID.

Action Required: Update your API calls to include the appropriate source project ID when creating new Apigee X and hybrid plugins. Failing to do so will result in creation errors.

Resource URI format for Apigee deployments

To ensure optimal functionality and consistency while creating or updatingApigee deployments, we now recommend that theResource URI conforms to the following format:organizations/([^/]+)/environments/([^/]+)/apis/([^/]+)$

For more information, seeIntroduction to deployments.

Edit plugin instances changes

You can now change or modify the name and curation logic of your plugin instance.

For more information, seeEdit a plugin instance.

On July 14, 2025 we released an updated version of Advanced API Security

Note: Rollouts of this release to production instances will begin within two business days and may take four or more business days to complete across all Google Cloud zones. Your instances may not have the feature available until the rollout is complete.

Support for editing and deleting security actions

With this release you can edit and delete existing security actions using either the UI or the Apigee Management APIs.

For usage information, see thesecurity actions documentation.

hybrid v1.13.4

On July 9, 2025 we released an updated version of the Apigee hybrid software, 1.13.4.

• For information on upgrading, seeUpgrading Apigee hybrid to version 1.13.
• For information on new installations, seeThe big picture.

On July 1, 2025 we released a new version of Advanced API Security Abuse Detection.

For usage information, see theAbuse Detection documentation.

On June 25, 2025 we began redirecting the following Apigee Classic UI navigation items to Apigee UI in the Google Cloud console:

• Publish > API products
• Publish > Developers
• Publish > Apps
• Admin > Instances
• Admin > Data collectors
• Admin > Environments
• Admin > Endpoint attachments

SeeApigee UI in Cloud console navigation for a mapping of each Classic Apigee UI feature page to its location in the Apigee UI in Cloud console.

SeeApigee Classic UI shutdown for details on shutdown dates.

If you require more time to transition to the Google Cloud console, submit theexception request form by Aug 15, 2025.

On June 25, 2025 we began redirecting the following Apigee Classic UI navigation items to Apigee UI in the Google Cloud console:

• Publish > API products
• Publish > Developers
• Publish > Apps
• Admin > Instances
• Admin > Data collectors
• Admin > Environments
• Admin > Endpoint attachments

SeeApigee UI in Cloud console navigation for a mapping of each Classic Apigee UI feature page to its location in the Apigee UI in Cloud console.

SeeApigee Classic UI shutdown for details on shutdown dates.

If you require more time to transition to the Google Cloud console, submit theexception request form by Aug 15, 2025.

On June 23, 2025 we released an updated version of Apigee.

On June 23, 2025 we released an updated version of Apigee.

Addition of AppGroup-specific Analytics dimensions for Custom Reports

This release introduces two new AppGroups Analytics dimensions:AppGroup Name andAppGroup App Name.

Use these dimensions withcustom reports and report jobs to group metrics by a specific AppGroup or a specific app within an AppGroup.

For additional information seeAnalytics dimensions andCreating and managing custom reports.

Addition of AppGroup-specific Analytics dimensions for Custom Reports

This release introduces two new AppGroups Analytics dimensions:AppGroup Name andAppGroup App Name.

Use these dimensions withcustom reports and report jobs to group metrics by a specific AppGroup or a specific app within an AppGroup.

For additional information seeAnalytics dimensions andCreating and managing custom reports.

On June 23, 2025 we released a new version of the Apigee integrated portal.

Documentation:Exporting publishing data

On June 23, 2025 we released an updated version of Apigee.

On June 23, 2025 we released an updated version of Apigee.

On June 23, 2025 we released a new version of the Apigee integrated portal.

Use these dimensions withcustom reports and report jobs to group metrics by a specific AppGroup or a specific app within an AppGroup.

For additional information seeAnalytics dimensions andCreating and managing custom reports.

Addition of AppGroup-specific Analytics dimensions for Custom Reports

This release introduces two new AppGroups Analytics dimensions:AppGroup Name andAppGroup App Name.

Use these dimensions withcustom reports and report jobs to group metrics by a specific AppGroup or a specific app within an AppGroup.

For additional information seeAnalytics dimensions andCreating and managing custom reports.

This release adds theExport feature to the Apigee UI in the Cloud console. You can now export publishing data for developers, apps, or API products as a comma-separated values (CSV) file or JSON file.

Documentation:Exporting publishing data

On June 17, 2025 we began redirecting the following Apigee Classic UI navigation items to Apigee UI in the Google Cloud console:

• Publish > Monetization
• Analyze > API monitoring
• Analyze > API metrics
• Analyze > Developers > Developer Engagement
• Analyze > Developers > Traffic Composition
• Analyze > End Users > Devices
• Analyze > End Users > Geomap
• Analyze > Custom reports

SeeApigee UI in Cloud console navigation for a mapping of each Classic Apigee UI feature page to its location in the Apigee UI in Cloud console.

SeeApigee Classic UI shutdown for details on shutdown dates.

If you require more time to transition to the Google Cloud console, submit theexception request form by Aug 15, 2025.

On June 17, 2025 we began redirecting the following Apigee Classic UI navigation items to Apigee UI in the Google Cloud console:

• Publish > Monetization
• Analyze > API monitoring
• Analyze > API metrics
• Analyze > Developers > Developer Engagement
• Analyze > Developers > Traffic Composition
• Analyze > End Users > Devices
• Analyze > End Users > Geomap
• Analyze > Custom reports

SeeApigee UI in Cloud console navigation for a mapping of each Classic Apigee UI feature page to its location in the Apigee UI in Cloud console.

SeeApigee Classic UI shutdown for details on shutdown dates.

If you require more time to transition to the Google Cloud console, submit theexception request form by Aug 15, 2025.

On June 16, 2025 we released a new version of Advanced API Security Abuse Detection.

API address drill down details are now available in the preview release of Advanced API Security Abuse Detection incidents in the detected traffic tab.

This new functionality shows details related to specific API addresses when viewing detected abuse in detected traffic.

For usage information, see theAbuse Detection customer documentation for incident details.

On June 16, 2025 we released an updated version of Apigee Analytics and the Apigee UI.

On June 16, 2025 we released an updated version of Apigee Analytics and the Apigee UI.

Starting with this release, the API proxy performance dashboard includes aggregate metrics such as the average TPS (transactions per second) with each chart.

For information and usage instructions for the API proxy performance dashboard, see theAPI proxy performance dashboard customer documentation.

Starting with this release, the API proxy performance dashboard includes aggregate metrics such as the average TPS (transactions per second) with each chart.

For information and usage instructions for the API proxy performance dashboard, see theAPI proxy performance dashboard customer documentation.

On June 16, 2025 we released an updated version of Apigee Analytics and the Apigee UI.

On June 16, 2025 we released an updated version of Apigee Analytics and the Apigee UI.

Starting with this release, the API proxy performance dashboard includes aggregate metrics such as the average TPS (transactions per second) with each chart.

For information and usage instructions for the API proxy performance dashboard, see theAPI proxy performance dashboard customer documentation.

Starting with this release, the API proxy performance dashboard includes aggregate metrics such as the average TPS (transactions per second) with each chart.

For information and usage instructions for the API proxy performance dashboard, see theAPI proxy performance dashboard customer documentation.

On June 4, 2025 we released an update to the Anomaly Detection model in Advanced API Security Abuse Detection.

For more information on this model and on Abuse Detection, seeAbuse Detection customer documentation, includingDetection rules.

hybrid v1.15.0

On June 4, 2025 we released an updated version of the Apigee hybrid software, 1.15.0.

• For information on upgrading, seeUpgrading Apigee hybrid to version 1.15.
• For information on new installations, seeThe big picture.

Large message payload support in Apigee hybrid

Apigee now supports message payloads up to 30MB. You configure support for large message payloads in Apigee hybrid for individual environments or for your whole installation. SeeConfigure large message payload support in Apigee hybrid.

Fixed in this release

Fixed since last minor release

On June 3, 2025, we released an updated version of Apigee.

Apigee API hub is enabled for new Apigee organizations in supported regions.

With this release, we are enablingApigee API hub for new Apigee organizationsin regions where API hub is supported. All new Apigee organizations, including hybrid organizations, that select an API hub-supported regionfor their Apigee Analytics region during provisioning will have access to API hub features at no additional cost.

API hub allows you to view, organize, and manage all of the APIs in your Apigee organization in one central location. To learn more, seeWhat is Apigee API hub?

No action on your part is required to provision API hub for your organization, with the following exceptions:

• If your Apigee organization has Data Residency or VPC Service Controls enabled, you must configure your API hub instance manually to support these services. SeeVPC Service Controls for API hub andAPI hub and data residency for more information.
• If your Apigee organization uses Customer-Managed Encryption Keys (CMEK), you must deprovision the Apigee API hub instance provided by default and recreate it to support CMEK. SeeDeprovision Apigee API hub andProvision API hub in the Cloud console for step-by-step instructions.

ContactGoogle Cloud Support for questions or assistance.

On June 3, 2025, we released an updated version of Apigee.

Apigee API hub is enabled for new Apigee organizations in supported regions.

With this release, we are enablingApigee API hub for new Apigee organizationsin regions where API hub is supported. All new Apigee organizations, including hybrid organizations, that select an API hub-supported regionfor their Apigee Analytics region during provisioning will have access to API hub features at no additional cost.

API hub allows you to view, organize, and manage all of the APIs in your Apigee organization in one central location. To learn more, seeWhat is Apigee API hub?

No action on your part is required to provision API hub for your organization, with the following exceptions:

• If your Apigee organization has Data Residency or VPC Service Controls enabled, you must configure your API hub instance manually to support these services. SeeVPC Service Controls for API hub andAPI hub and data residency for more information.
• If your Apigee organization uses Customer-Managed Encryption Keys (CMEK), you must deprovision the Apigee API hub instance provided by default and recreate it to support CMEK. SeeDeprovision Apigee API hub andProvision API hub in the Cloud console for step-by-step instructions.

ContactGoogle Cloud Support for questions or assistance.

On June 2, 2025 we released a new version of the Apigee integrated portal.

This approach is suitable for evaluation, but you should configure your own SMTP server before launching your portal to users. When you configure the SMTP server, you can also configure the sender address, for example,no-reply@mycompany.com.

On June 2, 2025 we released a new version of the Apigee integrated portal.

This approach is suitable for evaluation, but you should configure your own SMTP server before launching your portal to users. When you configure the SMTP server, you can also configure the sender address, for example,no-reply@mycompany.com.

New flow variables available for VerifyAPIKey policy

Two new flow variables have been added to theVerifyAPIKey policy.

• app_group_app
• app_group_name

To learn more, seeUsing flow variables.

On June 2, 2025, we released an updated version of Apigee (1-15-0-apigee-5).

For more information and usage instructions, seeDesigning and editing APIs,Tutorial: Use Gemini Code Assist to design, develop, and test APIs in Apigee, andSetting up Apigee API Management in Cloud Code for VS Code.

On May 29, 2025 we announced the shutdown schedule for the Apigee Classic UI.

On May 29, 2025 we released a new version of the Apigee integrated portal.

To prepare for the shutdown of the Apigee Classic UI, familiarize yourself with the new Apigee UI in Google Cloud console by reviewingUI overview.

SeeApigee Classic UI shutdown for details on shutdown dates and exception request.

GA: Apigee Integrated Developer Portal Admin UI in the Google Cloud console.

This release adds the Apigee Integrated Developer Portal Admin UI from the Classic Apigee UI into the Google Cloud console.

Leveraging Google Cloud console components provides API providers and Portal Admins with a centralized platform to efficiently configure, publish, and manage your API consumer portals, eliminating the need to switch between different UIs.

No new APIs have been introduced in this release.

SeePublishing overview to get started.

On May 29, 2025 we announced the shutdown schedule for the Apigee Classic UI.

On May 29, 2025 we announced the shutdown schedule for the Apigee Classic UI.

On May 29, 2025 we released a new version of the Apigee integrated portal.

To prepare for the shutdown of the Apigee Classic UI, familiarize yourself with the new Apigee UI in Google Cloud console by reviewingUI overview.

SeeApigee Classic UI shutdown for details on shutdown dates and exception request.

GA: Apigee Integrated Developer Portal Admin UI in the Google Cloud console.

This release adds the Apigee Integrated Developer Portal Admin UI from the Classic Apigee UI into the Google Cloud console.

Leveraging Google Cloud console components provides API providers and Portal Admins with a centralized platform to efficiently configure, publish, and manage your API consumer portals, eliminating the need to switch between different UIs.

No new APIs have been introduced in this release.

SeePublishing overview to get started.

The Apigee Classic UI will be shutdown as of August 29, 2025.

This is the final phase of moving Apigee to the Google Cloud console. Apigee in the Google Cloud console gives you the ability to manage all of your Apigee functionality in one place.

To prepare for the shutdown of the Apigee Classic UI, familiarize yourself with the new Apigee UI in Google Cloud console by reviewingUI overview.

SeeApigee Classic UI shutdown for details on shutdown dates and exception request.

On May 29, 2025 we announced the shutdown schedule for the Apigee Classic UI.

The Apigee Classic UI will be shutdown as of August 29, 2025.

This is the final phase of moving Apigee to the Google Cloud console. Apigee in the Google Cloud console gives you the ability to manage all of your Apigee functionality in one place.

To prepare for the shutdown of the Apigee Classic UI, familiarize yourself with the new Apigee UI in Google Cloud console by reviewingUI overview.

SeeApigee Classic UI shutdown for details on shutdown dates and exception request.

On May 29, 2025, we released an updated version of Apigee.

Public Preview: Apigee Extension Processor support for request and response body processing

When creating a load balancer service extension, you can customize the behavior of the extension processor proxy to support request body processing, response body processing, or a combination of the two.

For more information, seeGet started with the Apigee Extension Processor.

On May 29, 2025 we announced the shutdown schedule for the Apigee Classic UI.

The Apigee Classic UI will be shutdown as of August 29, 2025.

This is the final phase of moving Apigee to the Google Cloud console. Apigee in the Google Cloud console gives you the ability to manage all of your Apigee functionality in one place.

To prepare for the shutdown of the Apigee Classic UI, familiarize yourself with the new Apigee UI in Google Cloud console by reviewingUI overview.

SeeApigee Classic UI shutdown for details on shutdown dates and exception request.

On May 27, 2025 we released an updated version of Apigee Advanced API Security.

With this release, Advanced API Security expands its runtime region support to includeafrica-south1 (Johannesburg).

For a list of supported regions, seeApigee locations.

On May 22, 2025, we released an updated version of Apigee.

Public preview of server-sent events

Apigee now supports continuous response streaming from server-sent event (SSE) endpoints to clients in real time. The Apigee SSE feature is useful for handling large language model (LLM) APIs that operate most effectively by streaming their responses back to the client. SSE streaming reduces latency, and clients can receive response data as soon as it is generated by an LLM. This feature supports the use of AI agents that operate in real time environments, such as customer service bots or workflow orchestrators. For more information, seeStreaming server-sent events.

Public Preview of Apigee policies for LLM/GenAI workloads

Four new Apigee policies supporting LLM/GenAI workloads are now available inPublic Preview:

• SemanticCacheLookup policy
• SemanticCachePopulate policy
• SanitizeUserPrompt
• SanitizeModelResponse

The Apigee semantic caching policies enable intelligent response reuse based on semantic similarity. Using these policies in your Apigee API proxies can minimize redundant backend API calls, reduce latency, and lower operational costs.

The Model Armor policies protect your AI applications by sanitizing user prompts to and responses from large language models (LLMs). Using these policies in your Apigee API proxies can mitigate the risks associated with LLM usage by leveraging Model Armor to detect prompt injection, prevent jailbreak attacks, apply responsible AI filters, filter malicious URLs, and protect sensitive data.

For more information on using these policies in your Apigee API proxies, see:

• Get started with semantic caching policies
• Get started with Apigee Model Armor policies

Apigee API hub is now available in the following regions:

• europe-west10 (Berlin)
• us-east5 (Columbus)
• us-south1 (Dallas)
• me-central2 (Dammam)
• asia-south2 (Delhi)
• me-central1 (Doha)
• europe-north1 (Finland)
• europe-west3 (Frankfurt)
• asia-east2 (Hong Kong)
• asia-southeast2 (Jakarta)
• africa-south1 (Johannesburg)
• us-west4 (Las Vegas)
• us-west2 (Los Angeles)
• europe-southwest1 (Madrid)
• australia-southeast2 (Melbourne)
• europe-west8 (Milan)
• northamerica-northeast1 (Montréal)
• europe-west4 (Netherlands)
• asia-northeast2 (Osaka)
• us-west3 (Salt Lake City)
• southamerica-west1 (Santiago)
• asia-northeast3 (Seoul)
• us-east1 (South Carolina)
• asia-east1 (Taiwan)
• me-west1 (Tel Aviv)
• asia-northeast1 (Tokyo)
• northamerica-northeast2 (Toronto)
• europe-west12 (Turin)
• europe-central2 (Warsaw)
• europe-west6 (Zürich)

For more information, seeAPI hub locations.

On May 20, 2025 we released a new version of Advanced API Security Abuse Detection.

For usage information, see theAbuse Detection customer documentation.

Updated UI for API hub

The API hub user interface is now updated to Google Material Design 2. This update provides a more consistent and modern look and feel, enhancing the overall user experience and aligning the UI with other Google Cloud products.

Attach and manage Tags

You can now add custom tags to your APIs and API deployments, making it easier to organize, categorize, and discover your API resources in API hub. Tags can also be used to conditionally allow or deny policies to a specific resource.

For more information seeAttach and manage tags.

API overview and metrics

TheGet Started with API hub page now includes new charts and scorecards to provide a quick overview of your API landscape.

For more information seeGet started with API hub.

hybrid 1.14.2-hotfix.1

On May 16, 2025 we released an updated version of the Apigee hybrid software, 1.14.2-hotfix.1.

Apply this hotfix with the following steps:

1. Download theapigee-org andapigee-env charts with the1.14.2-hotfix.1 version tag:

   export CHART_REPO=oci://us-docker.pkg.dev/apigee-release/apigee-hybrid-helm-chartsexport CHART_VERSION=1.14.2-hotfix.1helm pull $CHART_REPO/apigee-env --version $CHART_VERSION --untarhelm pull $CHART_REPO/apigee-org --version $CHART_VERSION --untar

2. Optional: Perform this step if you need to allow use of theallOf combinator along with settingadditionalProperties: true in your OAS spec. Seefixed bug 393615439.

   Add the following stanza to youroverrides.yaml:

   runtime:cwcAppend:conf_message-processor-communication_oas.disable.resolve.combinator:true

3. Install the hotfix release:

   1. Update theapigee-env chart with thehelm upgrade command and your current overrides file for each environment in your Apigee org:

      Dry run:

      helm upgradeENV_RELEASE_NAME apigee-env/ \--namespaceAPIGEE_NAMESPACE \--set env=ENV_NAME \--atomic \-fOVERRIDES_FILE \--dry-run=server

      • ENV_RELEASE_NAME is a name used to keep track of installation and upgrades of theapigee-env chart. This name must be unique from the other Helm release names in your installation. Usually this is the same asENV_NAME. However, if your environment has the same name as your environment group, you must use different release names for the environment and environment group, for exampledev-env-release anddev-envgroup-release. For more information on releases in Helm, seeThree big concepts in the Helm documentation.
      • APIGEE_NAMESPACE is your installation's namespace. The default isapigee.
      • ENV_NAME is the name of the environment you are upgrading.
      • OVERRIDES_FILE is your edited overrides file.

      Install the changes:

      helm upgradeENV_RELEASE_NAME apigee-env/ \--namespaceAPIGEE_NAMESPACE \--set env=ENV_NAME \--atomic \-fOVERRIDES_FILE

   2. Update theapigee-org chart:

      Dry run:

      helm upgradeORG_NAME apigee-org/ \--namespaceAPIGEE_NAMESPACE \-fOVERRIDES_FILE \--dry-run=server

      Install the changes:

      helm upgradeORG_NAME apigee-org/ \--namespaceAPIGEE_NAMESPACE \-fOVERRIDES_FILE

4. Verify the installation:

   Ensure runtime and udca pods are up and running by checking their state:

   kubectl -n APIGEE_NAMESPACE get pods -l app=apigee-runtime

   kubectl -n APIGEE_NAMESPACE get pods -l app=apigee-udca

• For information on upgrading, seeUpgrading Apigee hybrid to version 1.14.
• For information on new installations, seeThe big picture.

On May 14, 2025, we released an updated version of Apigee (1-15-0-apigee-4).

Scopes and attributes can now be added to the AppGroup App Key via a POST operation on the key using the appGroupAppKey. See theupdateAppGroupAppKey API for details.

Large message payload support in Apigee

Apigee now supports message payloads up to 30MB. For more information, see:

• Message payload size.
• Properties in theProxyEndpoint configuration elements reference.
• Properties in theTargetEndpoint configuration elements reference.

Improvements to the PublishMessage policy

ThePublishMessage policy now supports two new elements:

• The<UseMessageAsSource> element uses request or response message content as the source of data to be written toPub/Sub. For more information, see<UseMessageAsSource>.

• The<Attributes> element lets you specify string attributes (key/value pairs) to include with the request or response message that is written to Pub/Sub. For more information, see<Attributes>.

On May 6, 2025, we released a new Apigee REST resource for debug sessions.

Apigee now offers a Management API that allows users to list all recent debug sessions for a given proxy, regardless of revision or environment and current deployment status. This API is available for use, and is now used to populate all recent debug sessions in the Apigee Debug UI.

For more information on this method, see:organizations.apis.debugsessions.list

On May 6, 2025, we released a new Apigee REST resource for debug sessions.

Apigee now offers a Management API that allows users to list all recent debug sessions for a given proxy, regardless of revision or environment and current deployment status. This API is available for use, and is now used to populate all recent debug sessions in the Apigee Debug UI.

For more information on this method, see:organizations.apis.debugsessions.list

On May 5, 2025, we released an updated version of the Apigee UI.

On May 2, 2025, we released an updated version of Apigee (1-15-0-apigee-3).

See entry forMay 14, 2025 for the updated version number and payload.

Large message payload support in Apigee

Apigee now supports message payloads up to 30MB. For more information, see:

• Message payload size.
• Properties in theProxyEndpoint configuration elements reference.
• Properties in theTargetEndpoint configuration elements reference.

Improvements to the PublishMessage policy

ThePublishMessage policy now supports two new elements:

• The<UseMessageAsSource> element uses request or response message content as the source of data to be written toPub/Sub. For more information, see<UseMessageAsSource>.

• The<Attributes> element lets you specify string attributes (key/value pairs) to include with the request or response message that is written to Pub/Sub. For more information, see<Attributes>.

hybrid v1.14.2

On May 2, 2025 we released an updated version of the Apigee hybrid software, 1.14.2.

• For information on upgrading, seeUpgrading Apigee hybrid to version 1.14.
• For information on new installations, seeThe big picture.

Large message payload support in Apigee hybrid

Apigee now supports message payloads up to 30MB. For information see:

• Message payload size
• runtime.resources.limits.memory in the Configuration property reference.
• runtime.resources.requests.memory in the Configuration property reference.

Starting with v1.14.2, third-party container images will be labeled with a version tag that matches the Apigee hybrid image tag. This affects the image tags returned by theapigee-pull-push command line tool. For more information, see:

• Use a private image repository with Apigee hybrid
• apigee-pull-push
• hub

With this release, we are enablingApigee API hub for existing Apigee organizationsin regions where API hub is supported. All existing Apigee organizations, including hybrid organizations, that selected an API hub-supported regionfor their Apigee Analytics region will have access to API hub features at no additional cost.

API hub allows you to view, organize, and manage all of the APIs in your Apigee organization in one central location. To learn more, seeWhat is Apigee API hub?

The process of enabling API hub for these organizations will continue over the next several weeks until all eligible organizations are updated. No action on your part is required to provision API hub for your organization, with the following exceptions:

• If your Apigee organization has Data Residency or VPC Service Controls enabled, you must configure your API hub instance manually to support these services. SeeVPC Service Controls for API hub andAPI hub and data residency for more information.
• If your Apigee organization uses Customer-Managed Encryption Keys (CMEK), you must deprovision the Apigee API hub instance provided by default and recreate it to support CMEK. SeeDeprovision Apigee API hub andProvision API hub in the Cloud console for step-by-step instructions.

ContactGoogle Cloud Support for questions or assistance.

On April 29, 2025, we released an updated version of Apigee.

Apigee API hub is enabled for existing Apigee organizations in supported regions.

With this release, we are enablingApigee API hub for existing Apigee organizationsin regions where API hub is supported. All existing Apigee organizations, including hybrid organizations, that selected an API hub-supported regionfor their Apigee Analytics region will have access to API hub features at no additional cost.

API hub allows you to view, organize, and manage all of the APIs in your Apigee organization in one central location. To learn more, seeWhat is Apigee API hub?

The process of enabling API hub for these organizations will continue over the next several weeks until all eligible organizations are updated. No action on your part is required to provision API hub for your organization, with the following exceptions:

• If your Apigee organization has Data Residency or VPC Service Controls enabled, you must configure your API hub instance manually to support these services. SeeVPC Service Controls for API hub andAPI hub and data residency for more information.
• If your Apigee organization uses Customer-Managed Encryption Keys (CMEK), you must deprovision the Apigee API hub instance provided by default and recreate it to support CMEK. SeeDeprovision Apigee API hub andProvision API hub in the Cloud console for step-by-step instructions.

ContactGoogle Cloud Support for questions or assistance.

On April 29, 2025, we released an updated version of Apigee.

On April 22, 2025 we released a new version of the Apigee integrated portal.

SeePublishing overview to get started.

On April 22, 2025 we released a new version of the Apigee integrated portal.

SeePublishing overview to get started.

On April 15, 2025 we released an updated version of Apigee Analytics and the Apigee UI.

On April 15, 2025 we released an updated version of Apigee Analytics and the Apigee UI.

Starting with this release, the Analytics dashboards available in the Apigee Classic UI redirect to the comparable dashboards in Apigee UI in Cloud console. These dashboards are available exclusively in the Apigee UI in Cloud console going forward.

For information and usage instructions for the Analytics dashboards, seeApigee API Analytics overview.

Starting with this release, the Analytics dashboards available in the Apigee Classic UI redirect to the comparable dashboards in Apigee UI in Cloud console. These dashboards are available exclusively in the Apigee UI in Cloud console going forward.

For information and usage instructions for the Analytics dashboards, seeApigee API Analytics overview.

On April 15, 2025 we released an updated version of Apigee Analytics and the Apigee UI.

On April 15, 2025 we released an updated version of Apigee Analytics and the Apigee UI.

On April 15, 2025 we released an updated version of Apigee Analytics and the Apigee UI.

Starting with this release, the Analytics dashboards available in the Apigee Classic UI redirect to the comparable dashboards in Apigee UI in Cloud console. These dashboards are available exclusively in the Apigee UI in Cloud console going forward.

For information and usage instructions for the Analytics dashboards, seeApigee API Analytics overview.

Starting with this release, the Analytics dashboards available in the Apigee Classic UI redirect to the comparable dashboards in Apigee UI in Cloud console. These dashboards are available exclusively in the Apigee UI in Cloud console going forward.

For information and usage instructions for the Analytics dashboards, seeApigee API Analytics overview.

Starting with this release, the Analytics dashboards available in the Apigee Classic UI redirect to the comparable dashboards in Apigee UI in Cloud console. These dashboards are available exclusively in the Apigee UI in Cloud console going forward.

For information and usage instructions for the Analytics dashboards, seeApigee API Analytics overview.

On April 14, 2025 we released an updated version of Apigee.

Announcing data collectors data residency (DRZ) compliance for Apigee and Apigee hybrid.

Data collectors can be used with data residency for Subscription and Pay-as-you-go organizations and hybrid versions 1.14.0 and later.

SeeData residency compatibility for information.

On April 14, 2025 we released an updated version of Apigee.

Announcing data collectors data residency (DRZ) compliance for Apigee and Apigee hybrid.

Data collectors can be used with data residency for Subscription and Pay-as-you-go organizations and hybrid versions 1.14.0 and later.

SeeData residency compatibility for information.

hybrid 1.11.2-hotfix.3

On April 14, 2025 we released an updated version of the Apigee hybrid software, 1.11.2-hotfix.3.

Apply this hotfix with the following steps:

1. In your overrides file, update theimage.url andimage.tag properties ofao andruntime:

   runtime:image:url:"gcr.io/apigee-release/hybrid/apigee-runtime"tag:"1.11.2-hotfix.3"

2. Install the hotfix release:

   • For Helm-managed releases, update theapigee-env chart with thehelm upgrade command and your current overrides files:

     For each environment in your Apigee org:

     helm upgrade ENV_RELEASE_NAME apigee-env/ \  --namespace APIGEE_NAMESPACE \  --set env=ENV_NAME \  --atomic \  -f OVERRIDES_FILE

     • ENV_RELEASE_NAME is a name used to keep track of installation and upgrades of theapigee-env chart. This name must be unique from the other Helm release names in your installation. Usually this is the same asENV_NAME. However, if your environment has the same name as your environment group, you must use different release names for the environment and environment group, for exampledev-env-release anddev-envgroup-release. For more information on releases in Helm, seeThree big concepts in the Helm documentation.
     • APIGEE_NAMESPACE is your installation's namespace. The default isapigee.
     • ENV_NAME is the name of the environment you are upgrading.
     • OVERRIDES_FILE is your edited overrides file.

   • Forapigeectl-managed releases:

     1. Install the hotfix release withapigeectl init using your updated overrides file:

        ${APIGEECTL_HOME}/apigeectlinit-fOVERRIDES_FILE--dry-run=client

        Followed by:

        ${APIGEECTL_HOME}/apigeectlinit-fOVERRIDES_FILE

     2. Apply the hotfix release withapigeectl apply:

        ${APIGEECTL_HOME}/apigeectlapply-fOVERRIDES_FILE--all-envs--dry-run=client

        Followed by:

        ${APIGEECTL_HOME}/apigeectlapply-fOVERRIDES_FILE--all-envs

• For information on upgrading, seeUpgrading Apigee hybrid to version 1.11.
• For information on new installations, seeThe big picture.
• For recommended actions after upgrading, seeValidate policies after upgrade to 1.12-hotfix.3.

Stricter class instantiation checks included in this release.

JavaCallout policy now includes additional security during Java class instantiation. The enhanced security measure prevents the deployment of policies that directly or indirectly attempt actions that require permissions that are not allowed.

In most cases, existing policies will continue to function as expected without any issues. However, there is a possibility that policies relying on third-party libraries, or those with custom code that indirectly triggers operations requiring elevated permissions, could be affected.

To test your installation, follow the procedure inValidate policies after upgrade to 1.11.2-hotfix.3 to validate policy behavior.

The Apigee Extension Processor is nowgenerally available (GA).

The Apigee Extension Processor lets Apigee customers add API management capabilities to Google Cloud and third-party products and services exposed using Cloud Load Balancing. Select from a range of Apigee policies that enable you to:

• Secure access to your workloads.
• Apply quota enforcement to network traffic.
• Manage Google access token and Google ID token injection to authenticate requests.
• Support native protocols like gRPC, SSE, and HTTP/3.

For more information, see theApigee Extension Processor overview.

On April 10, 2025, we released an updated version of Apigee.

VPC Service Controls (VPC-SC) integration (Preview)

API hub now integrates with VPC Service Controls, providing enhanced network security for your API hub instance provisioned in Google Cloud. Establish service perimeters to control ingress and egress traffic. For more information, seeVPC Service Controls for API hub.

Data residency zone compliance

API hub is now compliant with data residency Zone C3 requirements.

For more information, seeAPI hub and data residency.

Terraform support for provisioning

You can now provision API hub instances programmatically using Terraform for Google Cloud within Cloud Shell, enabling infrastructure-as-code practices. For more information, seeProvision API hub using Terraform.

Attach API documents

You can now enhance your API documentation by attaching additional relevant files, such as requirements, design documents, and functionality details, directly to your APIs in API hub.

Deprovision an API hub instance [API only]

You can now delete an API hub instance from your Google Cloud project using theApiHubInstance API. For more information, seeDeprovision Apigee API hub.

API Supply chain graph view

Visualize and understand the dependencies within your API ecosystem with the new interactive API supply chain graph view. This directed graph allows you to explore the relationships between your APIs and API operations. For more information, seeAPI Supply chain views.

API Metadata Curations

API hub introduces a curation process to transform and enrich API metadata ingested by plugins. This ensures consistency across different sources, enabling effective governance, discovery, and management of your APIs. For more information, seeCurations overview.

Enhancements to the Operations entity [API only]

You can now add, edit, or delete operations for an API version even if it lacks a specification file or has an unparsable one. For more information, seeManage operations.

Plugin Framework

API hub now uses a plugin framework to connect and ingest API metadata from various Google Cloud services and external sources where your APIs are managed or defined. This provides a flexible and extensible way to integrate with your existing API landscape. For more information, seePlugins overview.

New flow variable suffixes available for accessing base64-encoded message content.

There are two new read-only flow variable suffixes available for accessing message content in base64-encoded form:

• content.as.base64
• content.as.url.safe.base64

These variable suffixes can be used with therequest,response, andmessage objects, as well as with anyMessage object created implicitly during API proxy execution when using the AssignMessage or ServiceCallout policies.

For more information, seeFlow variables reference.

On March 31, 2025, we released an updated version of Apigee (1-15-0-apigee-2).

SeeClient IP resolution for information.

On March 26, 2025, we released an updated version of Apigee (1-14-0-apigee-5). This Apigee version appliesonly to organizations using theJavaCallout policy in production environments.

SeeClient IP resolution for information.

On March 25, 2025 we released an updated version of Advanced API Security.

Risk Assessment v2 is now the default Risk Assessment version

Starting with this release, Risk Assessment v2 is the default Risk Assessment version in the UI. You will see the see v2 functionality and interfaces unless you choose to switch back to v1 by clickingSwitch to v1 in the upper right of the UI.

Note: Rollouts of this functionality to production instances will begin within two business days and may take four or more business days to complete across all Google Cloud zones. Your instances may not have the feature available until the rollout is complete.

New features added to public preview of Risk Assessment v2

This release introduces new features to the Risk Assessment v2 preview:

• Security monitoring conditions. Security monitoring conditions allow you to map resources (proxies or environments) to security profiles. Cloud Monitoring can then use this mapping to alert or create dedicated dashboards so that you can track security scores over time.
• Alerts on security monitoring conditions. Once you've created a monitoring condition, you can set up alerts using Alerting in Cloud Monitoring so that you're notified when the security scores change.

For information on monitoring conditions features and usage seemonitoring conditions and alerts. For usage information and a list of all features in Risk Assessment v2, see theRisk Assessment v2 customer documentation.

Note: Rollouts of this functionality to production instances will begin within two business days and may take four or more business days to complete across all Google Cloud zones. Your instances may not have the feature available until the rollout is complete.

New Advanced API Security support when using data residency (DRZ) with Apigee hybrid

Advanced API Security is now available for Apigee hybrid orgs using DRZ, for hybrid versions 1.14.0 and later. SeeUsing data residency with Apigee hybrid.

SeeIntroduction to data residency for information on DRZ and Advanced API Security support across organization types.

On March 25, 2025 we released an updated version of Advanced API Security.

New Advanced API Security support when using data residency (DRZ) with Apigee hybrid

Advanced API Security is now available for Apigee hybrid orgs using DRZ, for hybrid versions 1.14.0 and later. SeeUsing data residency with Apigee hybrid.

SeeIntroduction to data residency for information on DRZ and Advanced API Security support across organization types.

On March 24, 2025, we released an updated version of Apigee.

Apigee Spaces is nowgenerally available (GA) for use in Apigee organizations.

Apigee Spaces enables identity-based isolation and grouping of API resources within an Apigee organization. With Apigee Spaces, you can have granular IAM control over access to your API proxies, shared flows, and API products.

Spaces also provide the option of resource isolation at a team level, providing a clear separation of resources associated with different teams operating within the same Apigee organization. IAM policies can be applied at the Space level, eliminating the need to manage permissions individually for every API proxy, shared flow, and API product.

Spaces are a brand new resource type with resource-level permissions. This means that Space permissions are not subject to the 64k limitation for project-level IAM conditions. Each space has its own 64k limit.

To learn more, seeApigee Spaces overview.

On March 17, 2025, Apigee announced the GA support for DNS peering for Apigee organizations that have VPC peering disabled.

For Apigee organizations set up without VPC peering, you can now configure Apigee to resolve your private domains by peering your DNS zones with Apigee. SeeConnecting with private DNS peering zones.

On March 14, 2025, we released an updated version of the Apigee UI.

With this release, theFilter display name for theproxy field in theCustom reports page of the Apigee UI in Cloud console is changed toProxy Endpoint.

This change should help users differentiate betweenProxy andProxy Endpoint values when configuring filters for custom reports using Apigee API Analytics.

For more information, see [Creating and managing custom reports](/apigee/docs/api-platform/analytics/create-custom-reports#setting-filters).

On March 12, 2025, we released an updated version of the Apigee UI.

On March 12, 2025, we released an updated version of Apigee (1-15-0-apigee-1).

TheNimbus JOSE + JWT library may cause a java.lang.ClassCircularityError when using a JavaCallout policy.

For more information, seeApigee known issues.

TheNimbus JOSE + JWT library may cause a java.lang.ClassCircularityError when using a JavaCallout policy.

For more information, seeApigee known issues.

For usage information, seeObfuscate user data for Apigee API Analytics andData obfuscation with Advanced API Security.

On March 5, 2025, we released an updated version of the Apigee UI.

Manage process ID limits

The procedure to manage the process ID limits in your clusters has been added to the documentation.

A Process ID limit is a Kubernetes resource constraint on nodes and pods to prevent excessive process creation, which can impact node stability. Setting process ID limits in Kubernetes can improve system stability, security, and resource management. This is also consistent with Kubernetes best practices. Apigee Hybrid supports the Kubernetes feature to set process ID limits.

See:Manage process ID limits.

hybrid v1.14.1

On March 1, 2025 we released an updated version of the Apigee hybrid software, 1.14.1.

This release enhances the security posture within theJavaCallout andPythonScript policies. This release does not include any new features or general bug fixes.

• For information on upgrading, seeUpgrading Apigee hybrid to version 1.14.
• For information on new installations, seeThe big picture.
• For recommended actions after upgrading, seeValidate policies after upgrade to 1.14.1.

Stricter class instantiation checks included in this release.

JavaCallout policy now includes additional security during Java class instantiation. The enhanced security measure prevents the deployment of policies that directly or indirectly attempt actions that require permissions that are not allowed.

In most cases, existing policies will continue to function as expected without any issues. However, there is a possibility that policies relying on third-party libraries, or those with custom code that indirectly triggers operations requiring elevated permissions, could be affected.

To test your installation, follow the procedure inValidate policies after upgrade to 1.14.1 to validate policy behavior.

Stricter class instantiation checks included in this release.

JavaCallout policy now includes additional security during Java class instantiation. The enhanced security measure prevents the deployment of policies that directly or indirectly attempt actions that require permissions that are not allowed.

In most cases, existing policies will continue to function as expected without any issues. However, there is a possibility that policies relying on third-party libraries, or those with custom code that indirectly triggers operations requiring elevated permissions, could be affected.

To test your installation, follow the procedure inValidate policies after upgrade to 1.13.3 to validate policy behavior.

hybrid v1.13.3

On March 1, 2025 we released an updated version of the Apigee hybrid software, 1.13.3.

This release enhances the security posture within theJavaCallout andPythonScript policies. This release does not include any new features or general bug fixes.

• For information on upgrading, seeUpgrading Apigee hybrid to version 1.13.
• For information on new installations, seeThe big picture.
• For recommended actions after upgrading, seeValidate policies after upgrade to 1.13.3.

Manage process ID limits

The procedure to manage the process ID limits in your clusters has been added to the documentation.

A Process ID limit is a Kubernetes resource constraint on nodes and pods to prevent excessive process creation, which can impact node stability. Setting process ID limits in Kubernetes can improve system stability, security, and resource management. This is also consistent with Kubernetes best practices. Apigee Hybrid supports the Kubernetes feature to set process ID limits.

See:Manage process ID limits.