Appearance
AireGlu Release Notes
Version: 1.116.0
Release Date: 21st April 2026
Summary of Changes
✨ New Features
- AireForms Schema Auto-Import for Endpoints (GLU-2873)
- Connect Endpoints to AI Assistants via MCP (GLU-2904)
- Tenant-Wide Client Credential Connections for HTTP Requests (GLU-2998)
⚡ Improvements
- Unsaved Changes Warning in Endpoint Editor (GLU-2813)
- Removed Minimum Items from Auto-Generated Schemas (GLU-2945)
- Retry Support for Internal AireGlu Endpoint Calls (GLU-2967)
- Metrics Table Refresh Button (GLU-2915)
- Retry Visibility in Metrics (GLU-3007)
- Narrowed Retry Conditions to Specific HTTP Exceptions (GLU-3024)
- AI Tools Features Now Opt-In per Tenant (GLU-3087)
🐞 Bug Fixes
- Reactivated Jobs No Longer Run Immediately (GLU-2955)
- JSON Editor Overflow Fixed on JWT Headers (GLU-2900)
- Config Assistant Error Fixed Following BFF Migration (GLU-2996)
- Improved Error Message for Empty XML Schema on Save (GLU-3036)
- Search No Longer Opens All Groups When Cleared (GLU-3016)
🔒 Security Updates
- Various security updates and patches
⚠️ Upgrade Notes
WARNING
YAML Export Removed: Support for exporting endpoint definitions in YAML format has been removed in this release. If your workflows depend on YAML exports, please migrate to the JSON export format before upgrading.
AI Tools Feature Gating: Tenants wishing to use these new AI features should contact Airelogic support.
Detailed Changes
✨ New Features
AireForms Schema Auto-Import for Endpoints (GLU-2873)
Description
The endpoint input configuration now supports an "AireForms" input mode. When selected, users can choose a form key, version, and delivery channel, and AireGlu will automatically retrieve and populate the input schema from AireForms — keeping it in sync as the form evolves. The schema editor becomes read-only in this mode, and the configuration is preserved across sessions.
What this means for you
If you're integrating AireGlu with AireForms, you no longer need to manually copy and paste schemas into your endpoints. Simply select the form and version you want, and AireGlu will pull the correct schema in for you automatically — saving time and reducing the risk of errors when forms are updated.
Connect Endpoints to AI Assistants via MCP (GLU-2904)
Description
AireGlu now supports exposing endpoints as tools via the Model Context Protocol (MCP), allowing AI assistants such as Claude Desktop to discover and invoke your endpoints directly. This release includes MCP server configuration management, authentication via OAuth client credentials and AireIdentity, agent card definition support (per the A2A spec), and a runtime discovery layer so calling agents can resolve endpoint schemas dynamically. The GraphQL Nitro UI has also been restricted to non-production environments as part of this work.
What this means for you
You can now connect your AireGlu endpoints directly to AI assistants and agent orchestrators. This opens up powerful automation possibilities — AI tools can discover what your endpoints do and call them on your behalf, without any manual wiring. Configuration is managed through a dedicated section in AireGlu, and access is controlled per tenant.
Tenant-Wide Client Credential Connections for HTTP Requests (GLU-2998)
Description
A new "Clients" section allows tenant administrators to configure OAuth 2.0 client credential connections that can be selected and reused across HTTP Request tasks in endpoints. These connections support environment variables and secrets in their configuration, automatically refresh tokens on 401 responses, and surface token retrieval failures in usage data logs.
What this means for you
Instead of configuring authentication credentials on each endpoint individually, you can now define a shared client connection once and use it across multiple endpoints. This makes it easier to manage credentials centrally, keep secrets out of endpoint definitions, and troubleshoot authentication failures through the metrics view. For tenants wishing to use this new feature will need to add new permissions if they want to use it (edit:Connection, list:Connection etc.).
⚡ Improvements
Unsaved Changes Warning in Endpoint Editor (GLU-2813)
Description
The endpoint editor now displays a warning prompt when you attempt to navigate away with unsaved changes. The alert appears when the endpoint is in edit mode and has pending changes, and does not trigger when closing the browser tab or when there are no unsaved modifications.
What this means for you
You'll no longer accidentally lose your work when clicking away from the endpoint editor. A clear prompt will ask you to confirm before leaving, giving you the chance to save or discard your changes.
Removed Minimum Items from Auto-Generated Schemas (GLU-2945)
Description
When generating a JSON schema from example input, AireGlu previously set minItems: 1 on arrays, which could cause validation failures for arrays that are legitimately empty at runtime. Auto-generated schemas no longer include a minimum items constraint on array types.
What this means for you
Schemas generated automatically from your example data will be more permissive and less likely to cause unexpected validation errors in production, particularly when working with responses that may contain empty arrays.
Retry Support for Internal AireGlu Endpoint Calls (GLU-2967)
Description
Retry behaviour in the AireGlu Request Task has been extended to cover calls from one AireGlu endpoint to another. This is disabled by default and can be enabled per task. Retries apply only to 5XX server errors, with documentation and in-app messaging updated accordingly.
What this means for you
If your endpoints call other AireGlu endpoints internally, you can now configure those calls to automatically retry on server errors — improving resilience without needing to build custom error-handling logic.
Metrics Table Refresh Button (GLU-2915)
Description
A refresh button has been added to the usage data metrics table, consistent with the refresh control available on the endpoints list. It is visually distinct from the existing filter reset button to avoid confusion.
What this means for you
You can now refresh the metrics table on demand without reloading the whole page, making it quicker to check the latest usage data while you're working.
Retry Visibility in Metrics (GLU-3007)
Description
When AireGlu retries a request, this is now surfaced explicitly in the metrics view. Previously, retries were only identifiable by the presence of multiple invocations for the same endpoint, with no clear indication that a retry had occurred.
What this means for you
Retries are now clearly visible in your usage data, making it easier to identify when an endpoint is experiencing intermittent failures and understand the pattern of retry behaviour.
Narrowed Retry Conditions to Specific HTTP Exceptions (GLU-3024)
Description
The resilience retry pipeline has been updated to handle only specific HTTP-related exceptions, following Microsoft's recommended configuration, rather than catching all exceptions indiscriminately. This reduces the risk of retrying on errors that are not transient or recoverable.
What this means for you
Retries will now behave more predictably and only trigger in situations where they are genuinely likely to help, avoiding unnecessary repeated calls for non-transient errors.
AI Tools Features Now Opt-In per Tenant (GLU-3087)
Description
Tenants wishing to use these new AI features should contact Airelogic support
What this means for you
AI features will only be available to tenants that have been specifically configured for access, giving organisations greater control over which capabilities are exposed in their environment.
🐞 Bug Fixes
Reactivated Jobs No Longer Run Immediately (GLU-2955)
Description
When a scheduled job that had previously run was deactivated and then reactivated, it would incorrectly trigger an immediate execution. Jobs are now set to wait for their next scheduled time when reactivated, consistent with the expected scheduling behaviour.
JSON Editor Overflow Fixed on JWT Headers (GLU-2900)
Description
The JSON editor used for configuring JWT headers in the endpoint editor was overflowing its container. The editor now renders correctly within its allocated space.
Config Assistant Error Fixed Following BFF Migration (GLU-2996)
Description
The AI config assistant in the endpoint editor was returning a 401 authentication error following the BFF (Backend for Frontend) migration. Authentication on the internal request path has been corrected and the assistant is now functional again.
Improved Error Message for Empty XML Schema on Save (GLU-3036)
Description
Attempting to save an endpoint with an empty or invalid XML schema previously resulted in a silent failure — the UI appeared to save successfully but changes were not persisted. The error handling has been made consistent with the create flow, and a clear error message is now shown to the user.
Search No Longer Opens All Groups When Cleared (GLU-3016)
Description
Clearing the search bar on the endpoints list was causing all endpoint groups to expand, regardless of their previous state. Groups now correctly return to a closed state when a search is cleared.
PDF Generation Sanitises User HTML (GLU-3066)
Description
PDF generation now sanitises user-supplied HTML input to prevent local file inclusion attacks via embedded iframes, forms, and unsafe URI schemes. This addresses a high-severity finding from the 2026 penetration test.
GraphQL Alias Overloading Now Rejected (GLU-3075)
Description
GraphQL requests that exceed the permitted alias count are now rejected at the gateway level, preventing alias overloading attacks. This addresses a high-severity finding from the 2026 penetration test.
GraphQL Nitro UI Hidden in Production (GLU-2994)
Description
The GraphQL Nitro browser UI was previously accessible in production environments. It is now restricted to non-production deployments only, reducing the attack surface of the API layer.
XSLT Service Dependencies Upgraded (GLU-3064)
Description
The XSLT service has had its underlying JDK, Javalin, and Jetty versions upgraded to address known vulnerabilities identified in the 2026 penetration test, including an out-of-date and vulnerable OpenJDK version.