InfoQ - API Gateway https://www.infoq.com InfoQ API Gateway feed Azure API Management Ships Unified Model API and MCP Content Safety at Build 2026 https://www.infoq.com/news/2026/06/azure-apim-ai-gateway-build/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=API+Gateway <img src="https://res.infoq.com/news/2026/06/azure-apim-ai-gateway-build/en/headerimage/generatedHeaderImage-1780994586581.jpg"/><p>Azure API Management shipped a Unified Model API that lets clients speak one format while APIM transforms requests to Anthropic, Vertex AI, and other backends. Content safety policies now cover MCP tool calls and Agent-to-Agent payloads alongside LLM traffic. Token metrics expanded to track reasoning, cached, and audio tokens across providers.</p> <i>By Steef-Jan Wiggers</i> Microsoft Azure Azure AI Architecture API Gateway Cloud DevOps AI, ML & Data Engineering Development Architecture & Design news Wed, 10 Jun 2026 09:38:00 GMT https://www.infoq.com/news/2026/06/azure-apim-ai-gateway-build/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=API+Gateway Steef-Jan Wiggers 2026-06-10T09:38:00Z /news/2026/06/azure-apim-ai-gateway-build/en A Trailing Slash Bypassed AWS API Gateway Authorization https://www.infoq.com/news/2026/06/aws-api-gateway-auth-bypass/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=API+Gateway <img src="https://res.infoq.com/news/2026/06/aws-api-gateway-auth-bypass/en/headerimage/generatedHeaderImage-1779890404425.jpg"/><p>A security researcher found that adding a trailing slash to AWS HTTP API paths bypassed Lambda authorizer authentication entirely, enabling unauthenticated wire transfers at a fintech. The root cause is a path normalization mismatch between HTTP API's greedy route matching and its authorization layer. The same vulnerability class appeared in gRPC-Go via CVE-2026-33186.</p> <i>By Steef-Jan Wiggers</i> AWS API Gateway AWS Lambda Application Security Cloud Security Vulnerabilities DevOps Development Architecture & Design news Mon, 01 Jun 2026 09:55:00 GMT https://www.infoq.com/news/2026/06/aws-api-gateway-auth-bypass/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=API+Gateway Steef-Jan Wiggers 2026-06-01T09:55:00Z /news/2026/06/aws-api-gateway-auth-bypass/en