Release notes

Review the release notes for agentgateway standalone.

For more details, review the GitHub release notes in the agentgateway repository

🌟 New features

Conditional policy execution

Policies can now be selected conditionally using CEL expressions. Conditional execution is supported for external auth, transformations, rate limiting, external processing, and direct responses. The first matching policy is applied, with an optional final fallback entry. For more information, see Conditional policies.

Route delegation

Agentgateway now supports route delegation, allowing parent routes to delegate portions of their routing tree to child routes. Platform teams can own shared parent routes while application teams manage delegated route fragments. For more information, see Route delegation.

`agctl` CLI debugging tool

A new experimental agctl command-line tool for inspecting and debugging agentgateway is now available. To install agctl, see Install agctl.

agctl config renders the runtime configuration that an agentgateway proxy has loaded, including binds, listeners, routes, backends, workloads, and policies, as a structured table, JSON, or YAML. agctl config backends shows per-backend health, request counts, and latency. For more information, see Inspect agentgateway configuration.
agctl trace streams a step-by-step trace of how the proxy processes the next request, showing the matched route, applied policies, chosen backend, and response status. For more information, see Trace requests with agctl.

For a complete command reference, see agctl CLI reference.

Policy targets

Policies can now target resources by label selector in addition to explicit attachment points. This configuration makes it easier to apply shared policy configuration across groups of listeners, routes, or backends. For more information, see Attachment points.

PROXY protocol support

Listeners now support downstream PROXY protocol handling, including strict and optional modes and PROXY protocol v1/v2 selection. For more information, see Listeners.

Locality load balancing and failover

The data plane now supports locality-aware load balancing and failover, improving traffic placement for multi-zone and multi-region deployments.

LLM gateway enhancements

Azure provider: A new Azure provider supports both Azure OpenAI and Azure AI Foundry style resources. For more information, see Azure OpenAI.
Copilot support: Added Copilot authentication and LLM provider support.
Gemini Responses API: Responses API requests can now be routed to Gemini. For more information, see Google Gemini.
Path prefixes: Custom path prefixes now work across all LLM providers, including Gemini, Vertex, Bedrock, and Azure.
OpenAI compatibility: OpenAI chat completion requests now normalize max_tokens to max_completion_tokens.
Azure Content Safety guardrails: Prompt and response guardrails can now use Azure AI Content Safety.
Bedrock guardrails masking: Bedrock guardrails now support masking. For more information, see Amazon Bedrock.

MCP improvements

Session TTL: MCP sessions can now be configured with an idle TTL. For more information, see MCP connectivity.
Stateless MCP: Stateless MCP initialization and shutdown behavior is improved.
List resources with multiplexing: ListResourcesRequest now works with multiplexed MCP targets.

Authentication and authorization

Backend external auth: External auth can now run as a backend policy after backend selection. For more information, see External authorization.
Auth credential locations: JWT, basic auth, API key, and backend auth can now override where credentials are read from or inserted, including headers, query parameters, and cookies. For more information, see JWT authentication and API key authentication.
Explicit GCP credentials: GCP backend auth can now use explicit Secret-backed credentials. For more information, see Backend authentication.

Traffic, TLS, and networking

Post-quantum TLS: TLS configuration now supports post-quantum key exchange groups, including X25519_MLKEM768. For more information, see Listeners.
Max connection duration: HTTP listeners can now enforce a maximum connection duration.
HTTP/2 pooling: HTTP/2 connection pooling is improved to avoid the single-connection bottleneck.

Operations

Agentgateway’s memory allocator performance is improved, resulting in increased runtime performance and decreased memory utilization.
A new /debug/pprof/heap endpoint is available to get a pprof snapshot of current and historical allocations.

Telemetry

Custom Prometheus labels: Policies can add custom Prometheus metric labels using CEL expressions. For more information, see Metrics.
OpenTelemetry environment variables: The OTEL configuration now respects standard environment variables. For more information, see Traces.

🪲 Notable fixes

Fixed A2A policy matching for agents hosted under sub-paths.
Fixed A2A and MCP handling of X-Forwarded-Proto.
Fixed policies that target missing or non-existent backends from silently attaching to the gateway.
Fixed JWKS stale fetches, startup fetch behavior, cache cleanup, and orphan cleanup.
Fixed CEL property parsing after bracket accessors.
Fixed CEL response.body access when upstream responses are compressed.
Fixed request body buffering when CEL expressions do not need the body.
Fixed Host and :authority alignment after header mutation.
Fixed stripping of hop-by-hop connection headers and encoding headers for more consistent behavior.
Fixed invalid htpasswd entries to fail gracefully instead of breaking basic auth handling.
Fixed active stream accounting in the connection pool when debug assertions are disabled.

Configuration reference agctl CLI reference

Was this page helpful?