News KrakenD 2023: Milestones and New Horizons

Key KrakenD Features - Open Source VS Enterprise

List of features and functional differences between Community and Enterprise

Whether you opt for KrakenD's Open Source or Enterprise edition, you're choosing a robust API Gateway trusted by industry leaders. The Enterprise edition builds on this solid foundation by offering additional premium features designed for those looking to optimize time-to-market and operational costs. Vendor support is included with the Enterprise edition and available as an optional paid service for the Community edition.

Whichever path you choose, know that KrakenD engineers are committed to your success.


Community Edition VS Enterprise Edition comparison

CI/CD, GitOps, and development tools

Command line tools to integrate in your GitOps pipelines.

CE
EE
KrakenD Designer
A visual tool to generate KrakenD configurations
Included in CommunityIncluded in Enterprise
Audit configuration
Check security and best practices recommendations of your configuration before going live
Included in CommunityIncluded in Enterprise
Syntax validation and linting
Validate configuration files (syntax, linting, route declaration testing)
Included in CommunityIncluded in Enterprise
Flexible configuration
Declare the configuration using templates and environment-specific values
Included in CommunityIncluded in Enterprise
Extended flexible configuration
Extends the flexible config adding $ref, nested directories, multiple settings file formats, conflict handling, debugging and more.
Not included in CommunityIncluded in Enterprise
Multi-format configuration
Write the configuration in JSON, YAML, TOML, HCL and more.
Included in CommunityIncluded in Enterprise
Hot-reload in development
Speed up development with a specific container with hot-reload functionality
Included in CommunityIncluded in Enterprise
IDE integration
Automatic validation as you type, showing documentation while hovering an attribute, explanation of errors, and autocompletion of properties
Included in CommunityIncluded in Enterprise
Plugin builder
A ready-to-use image to build your custom Go plugins and embed them in KrakenD
Included in CommunityIncluded in Enterprise
End-to-end testing tool
Integrated tool to write integration tests to launch in your pipeline and check that the functionality works correctly
Not included in CommunityIncluded in Enterprise
OpenAPI importer
Import configurations from OpenAPI + Mocking server generation (Swagger v2 & OpenAPI 3)
Not included in CommunityIncluded in Enterprise
OpenAPI exporter
Generate OpenAPI documentation from the KrakenD configuration
Not included in CommunityIncluded in Enterprise
OpenAPI server
Start an API gateway from an OpenAPI definition file.
Not included in CommunityIncluded in Enterprise
Postman
Generate Postman collections during the CI/CD stage
Not included in CommunityIncluded in Enterprise
DOT image generator
Generate Graphviz images displaying your configuration logic
Not included in CommunityIncluded in Enterprise
Dump to disk
Dump requests and responses into a files
Not included in CommunityIncluded in Enterprise
Community Edition VS Enterprise Edition comparison

Request and response transformation

KrakenD goes beyond the simple proxying to service and offers numerous ways to work with multiple data sources simultaneously.

CE
EE
Backend For Frontend
Create an API consumption layer that provides aggregated “views” of several services and returns only the needed data
Included in CommunityIncluded in Enterprise
Aggregation
Create endpoints with data views aggregation from multiple APIs or services simultaneously
Included in CommunityIncluded in Enterprise
Data transformation
Filter, group, capture, rename, inject, and more on responses from services.
Included in CommunityIncluded in Enterprise
HTTP Cache headers (for CDN)
Set automatically cache headers for CDN or intermediate caching
Included in CommunityIncluded in Enterprise
Automatic output encoding
Automatic output encoding and translation (XML, JSON, RSS, noop)
Included in CommunityIncluded in Enterprise
Faster JSON decoding (fastjson)
A speed-optimized JSON decoder for larger datasets and complex objects
Not included in CommunityIncluded in Enterprise
Flatmap
Manipulate arrays and flatten objects from the response
Included in CommunityIncluded in Enterprise
Gzip compression
Ouput compression of responses in gzip format
Not included in CommunityIncluded in Enterprise
Request manipulation using go templates (body generator)
Craft the body you send to a backend through templates, and injecting other values from the user request such as the original body, headers, querystrings or URL parameters.
Not included in CommunityIncluded in Enterprise
Response manipulation using go templates
Completely manipulate the response of a backend using Go templates before it is returned to the end-user.
Not included in CommunityIncluded in Enterprise
Response manipulation with query language
Select, slice, filter, map, project, flatten, sort, and all sorts of operations through a javascript-like query language
Not included in CommunityIncluded in Enterprise
Regular expression replacements
Modify the response of your services with regular expressions.
Not included in CommunityIncluded in Enterprise
Conditional request and responses (CEL)
Add validation rules to continue with the request or to return the response
Included in CommunityIncluded in Enterprise
Lua scripting
Transform requests and responses with Lua scripts
Included in CommunityIncluded in Enterprise
Custom Go plugins
Write your own Go plugins and side-load them with KrakenD to extend the functionality
Included in CommunityIncluded in Enterprise
JSON Schema response validation
Ensure the response passes a JSON schema validation before returning it to the end-user
Not included in CommunityIncluded in Enterprise
JSON Schema request validation
Validate the request body against a JSON schema
Included in CommunityIncluded in Enterprise
Martian (DSL)
Statically transform requests and responses through a simple DSL definition
Included in CommunityIncluded in Enterprise
Multistrategy error handling
Override the policy of returning backend error details with different strategies (delegated, graceful degradation, forward, interpretation)
Included in CommunityIncluded in Enterprise
Cache
Store backend responses in memory to reduce the number of calls a user sends to the origin, reducing the network traffic and alleviating your services’ pressure.
Included in CommunityIncluded in Enterprise
Sequential proxy
Use the ouput of a previous call to be chained in the next call.
Included in CommunityIncluded in Enterprise
Mocked data
Add static/stub data as replacement of failing responses or while you are scaffolding your project.
Included in CommunityIncluded in Enterprise
Community Edition VS Enterprise Edition comparison

Security

KrakenD is secure by default, and has a zero-trust approach. It also allows you to add and modify multiple options to protect you from hacking attempts.

CE
EE
Security Policies Engine
A powerful engine that evaluates requests, responses and tokens during runtime and allows you to perform business validation logic, ABAC, and RBAC.
Not included in CommunityIncluded in Enterprise
TLS for HTTPS and HTTP/2
TLS configuration secured by default to TLS 1.3
Included in CommunityIncluded in Enterprise
Zero-trust parameter forwarding
Explicit configuration for cookie, query-string, and headers forwarding
Included in CommunityIncluded in Enterprise
Restrict connections by host
Define a list of hosts that KrakenD should accept requests to.
Included in CommunityIncluded in Enterprise
Clickjacking protection
OWASP recommendations that add a frame-breaking strategy.
Included in CommunityIncluded in Enterprise
MIME-Sniffing prevention
Prevent the user’s browser from interpreting files as something else than declared by the content type
Included in CommunityIncluded in Enterprise
Cross-site scripting (XSS) protection
Enables the Cross-site scripting (XSS) filter in the user’s browser.
Included in CommunityIncluded in Enterprise
HTTP Strict Transport Security (HSTS)
Web security policy mechanism to protect websites against protocol downgrade attacks and cookie hijacking
Included in CommunityIncluded in Enterprise
HTTP Public Key Pinning (HPKP)
Resist impersonation by attackers using mis-issued or otherwise fraudulent certificates.
Included in CommunityIncluded in Enterprise
CORS
Cross-origin resource sharing
Included in CommunityIncluded in Enterprise
Community Edition VS Enterprise Edition comparison

Routing

Options to work with routing

CE
EE
Noop proxy
Proxy requests to a single backend without manipulation and preserving the response as is.
Included in CommunityIncluded in Enterprise
Traffic shadowing/mirroring
Test new backends in production by sending them copies of the traffic but ignore their responses.
Included in CommunityIncluded in Enterprise
JWT claim-based routing
JSON Web Token processing to assemble the final upstream URL
Included in CommunityIncluded in Enterprise
Catchall (Fallback upstream)
Receives all the traffic from routes and methods that do not resolve to any of the other existing endpoints in the configuration.
Not included in CommunityIncluded in Enterprise
Header and query string based dynamic routing
Header and query string processing to assemble the final upstream URL
Not included in CommunityIncluded in Enterprise
Wildcard routes
Create a single endpoint for a group of URLs sharing a common pattern (e.g.: /foo/*).
Not included in CommunityIncluded in Enterprise
URL rewrite
Define a set of URLs or regular expressions that are handled by an endpoint
Not included in CommunityIncluded in Enterprise
Virtual Hosts
Run different configurations of KrakenD endpoints based on the host accessing the server.
Not included in CommunityIncluded in Enterprise
Configurable client redirects
Allow the end-user to follow redirects set by services instead of the gateway resolving them.
Not included in CommunityIncluded in Enterprise
Community Edition VS Enterprise Edition comparison

Authorization and authentication

Authorization, authentication and related functionalities to protect your endpoints.

CE
EE
JWT, OpenID Connect, OAuth2
Authorize tokens coming from third parties or your company identity provider, and apply business logic rules.
Included in CommunityIncluded in Enterprise
JWT token signing
A wrapper for your existing login endpoint that signs with your secret key the selected fields of the backend payload right before returning the content to the end-user.
Included in CommunityIncluded in Enterprise
Client credentials
OAuth 2.0 Client Credentials Grant to automatically request access tokens before reaching the backend’s protected resources.
Included in CommunityIncluded in Enterprise
Basic authentication
Authentication of requests based on .htpasswd files
Not included in CommunityIncluded in Enterprise
API keys
Authenticate users with API keys in headers or query strings
Not included in CommunityIncluded in Enterprise
Token revocation bloom filter
An RPC listener that allows you to revoke JWT tokens
Included in CommunityIncluded in Enterprise
Revoke Server
An API to revoke tokens through all KrakenD nodes in a cluster
Not included in CommunityIncluded in Enterprise
Multiple identity providers per endpoint
Support validation of tokens originated in multiple identity providers, internal or external
Not included in CommunityIncluded in Enterprise
mTLS
Mutual TLS authentication (mTLS) for authentication in business-to-business (B2B) applications where clients provide certificates to connect to KrakenD.
Included in CommunityIncluded in Enterprise
NTLM authentication
NT Login Manager Authentication against Window backends like Microsoft Dynamics.
Not included in CommunityIncluded in Enterprise
Community Edition VS Enterprise Edition comparison

Services Connectivity

Integrations with non-REST services

CE
EE
Protocol translation
Offer REST content while consuming other protocols from the services like AMQP, Kafka, NATS, gRPC to name a few
Included in CommunityIncluded in Enterprise
gRPC
Connect to your gRPC services by providing the .proto files
Not included in CommunityIncluded in Enterprise
Static web server
Enable static web server capabilities to serve javascript applications, CSS, images, etc along with its API.
Not included in CommunityIncluded in Enterprise
Service discovery
Connect to services using weighted DNS SRV records
Included in CommunityIncluded in Enterprise
GraphQL
REST to GraphQL transformation and GraphQL gateway as a proxy
Included in CommunityIncluded in Enterprise
Load Balancing
Balancing egress traffic (to upstream)
Included in CommunityIncluded in Enterprise
Async Agents
Implement event-driven architectures with Async agents, which react to new events in queues and push data to your backends or webhooks.
Included in CommunityIncluded in Enterprise
Lambda functions
Invoke Amazon Lambda functions on a KrakenD endpoint call
Included in CommunityIncluded in Enterprise
SOAP integration
REST to SOAP and request forgery and manipulation to efortlessly modernize legacy services
Not included in CommunityIncluded in Enterprise
WebSockets
WebSocket Protocol (RFC-6455) to enable two-way communication between a client to a backend host through the API gateway.
Not included in CommunityIncluded in Enterprise
Intermediary web proxy
Connections to services through an HTTP corporate proxy
Not included in CommunityIncluded in Enterprise
AMQP/RabbitMQ Consumer
Retrieve messages from a queue and deliver them to the user as a REST endpoint
Included in CommunityIncluded in Enterprise
AMQP/RabbitMQ Producer
Publish a REST endpoint that sends messages to a queue automatically.
Included in CommunityIncluded in Enterprise
Azure Service Bus Topic and Subscription
Enable message queuing and durable publish/subscribe messaging in Azure
Included in CommunityIncluded in Enterprise
Google Cloud PubSub
Send and receive messages between independent applications using GCP PubSub
Included in CommunityIncluded in Enterprise
NATS
Connect to the high performance open source messaging system NATS
Included in CommunityIncluded in Enterprise
Apache Kafka
Enable the distributed streaming platform Apache Kafka
Included in CommunityIncluded in Enterprise
Amazon SNS
Enable exchanging data with topics, push-based, many-to-many in AWS SNS
Included in CommunityIncluded in Enterprise
Amazon SQS
Use queues from the managed Amazon Simple Queue Service (SQS)
Included in CommunityIncluded in Enterprise
Community Edition VS Enterprise Edition comparison

Traffic Management

KrakenD offers several ways to protect the usage of your infrastructure that might act at very different levels.

CE
EE
Concurrent calls
Improve the response times and decrease error rates by requesting in parallel the same information multiple times. Backend pressure in exchange for better response times.
Included in CommunityIncluded in Enterprise
Circuit breaker
The circuit breaker prevents sending more traffic to a failing backend until it recovers, alleviating its pressure under challenging conditions.
Included in CommunityIncluded in Enterprise
Spike Arrest and Burst
The Spike Arrest policy ensures a minimum time between different requests. KrakenD will enable Spike Arrest after exhausting the burst capacity of the rate-limiting features.
Included in CommunityIncluded in Enterprise
Bot detector
Discard traffic from bot patterns
Included in CommunityIncluded in Enterprise
Granular timeouts
Define the default timeout but per-endpoint timeouts, idle connections, and other settings.
Included in CommunityIncluded in Enterprise
Service rate limit
Stateless rate limit to control the throughput of users against the API.
Not included in CommunityIncluded in Enterprise
Endpoint rate limit
Stateless rate limit to control the throughput of users against specific endpoints.
Included in CommunityIncluded in Enterprise
Stateful rate limit (Redis backed)
A Redis database store to centralize all KrakenD node counters.
Not included in CommunityIncluded in Enterprise
Proxy rate limit
Restrict the connections KrakenD makes to your backends, independently of users’ acrivity.
Included in CommunityIncluded in Enterprise
IP Filtering
Restrict the traffic to specific to all endpoints based on IP address and CIDR blocks.
Not included in CommunityIncluded in Enterprise
Maxmind's GeoIP
Forward requests to your services with enrichment coming from Maxmind’s GeoIP2 City database
Not included in CommunityIncluded in Enterprise
Community Edition VS Enterprise Edition comparison

Observability

Logging, tracing and metrics.

CE
EE
Logging
Choose where and how to log the gateway activity
Included in CommunityIncluded in Enterprise
Graylog/GELF logging
Send structured events in GELF format to your Graylog Cluster
Included in CommunityIncluded in Enterprise
Extended metrics
Collect extended metrics to push them to InfluxDB or expose them in a /__stats/ endpoint for you to build a customized dashboard.
Included in CommunityIncluded in Enterprise
Jaeger tracing
Submit spans to a Jaeger Collector (HTTP) or Jaeger Agent (UDP) automatically.
Included in CommunityIncluded in Enterprise
AWS X-Ray metrics and traces
Push to AWS X-RAY end-to-end view of requests as they travel through your application, and the map of your application’s underlying components.
Included in CommunityIncluded in Enterprise
Zipkin tracing
Export traces to Zipkin to troubleshoot latency problems in service architectures.
Included in CommunityIncluded in Enterprise
Elastic Logstash
Application logs in JSON format
Included in CommunityIncluded in Enterprise
ELK Stack dashboard
Have KrakenD pushing logs to your Elastic server and visualize them through a Kibana dashboard.
Included in CommunityIncluded in Enterprise
Prometheus
Expose data to Prometheus, and publish a /metrics endpoint in the selected port.
Included in CommunityIncluded in Enterprise
InfluxDB metrics
Export metrics and events to InfluxDB
Included in CommunityIncluded in Enterprise
Grafana Dashboard
The preconfigured Grafana dashboard for KrakenD offers valuable information to understand the performance of your services and detect anomalies in the service.
Included in CommunityIncluded in Enterprise
Google Cloud's operation suite
Export metrics and traces to Google Cloud
Included in CommunityIncluded in Enterprise
Datadog
Push the gateway activity to Datadog, both stats and traces.
Included in CommunityIncluded in Enterprise
Auth0/Okta
End-users validation, machine-to-machine, ot gateway-to-machine communication using Auth0.
Included in CommunityIncluded in Enterprise
Keycloak
The Keycloak integration allows one of the many possible OpenID Connect different security options available in KrakenD.
Included in CommunityIncluded in Enterprise
Azure Active Directory
You can use Azure Active Directory and protect endpoints with its JWT integration.
Included in CommunityIncluded in Enterprise
NewRelic
Push KrakenD metrics and distributed traces to your New Relic APM dashboard
Not included in CommunityIncluded in Enterprise
Azure OpenTelemetry Collector
The gateway sends all the traces to a local OpenTelemetry Collector that pushes all the data to your Application Insights on Azure Monitor.
Included in CommunityIncluded in Enterprise
Community Edition VS Enterprise Edition comparison

API Governance and API Monetization

Monetize API usage with a robust analytics and billing platform, and govern the usage of your APIs

CE
EE
API Monetization (Moesif integration)
Monitor API usage and bill customers for their usage by directly connecting Stripe or similar tools.
Not included in CommunityIncluded in Enterprise
API Governance
Set usage rules on your Moesif dashboard and let KrakenD react in real-time and cut users that are exceeding their quota.
Not included in CommunityIncluded in Enterprise
 Stay up to date with KrakenD releases and important updates

We use cookies to understand how you use our site and to improve your overall experience. By continuing to use our site, you accept our Privacy Policy. More information