NGINX Gateway Fabric 2.5.0 is here, and this one is a big deal. The release doubles down on enterprise-grade capabilities while keeping us at the forefront of Gateway API conformance. NGF remains one of the top conformant implementations of the Gateway API spec, and this release reinforces why. Here’s what’s new.
Gateway API 1.5 Conformance
What’s new: NGF now conforms with the latest Gateway API 1.5 specification. This release picks up two notable promotions from the spec: TLSRoute has moved to the standard channel and is now v1, and ReferenceGrant has been promoted to v1 as well. Keep an eye out for NGINX Gateway Fabric being highlighted when the official Gateway API 1.5 release is published.
Why it matters: Conformance isn’t just a checkbox. It means your investment in Gateway API resources is portable, interoperable, and built on a spec that’s clearly maturing toward production-readiness. These promotions are a signal that the ecosystem is stabilising, and NGF is keeping pace.
CORS via HTTPCORSFilter
What’s new: CORS support has arrived for Gateway Fabric through the Gateway API HTTPCORSFilter on HTTPRoute resources. Preflight requests are handled automatically and CORS headers are injected at the proxy layer.
Why it matters: Application teams shouldn’t need to own CORS configuration. Handling it at the proxy layer removes that burden entirely, keeps it consistent across services, and means developers can stop worrying about it.
NGINX Plus: JWT Authentication
What’s new: JWT-based authentication is now natively supported, giving teams a straightforward way to enforce token-based access control directly at the Gateway.
Why it matters: Pushing auth to the edge rather than handling it in every application individually is cleaner, more consistent, and easier to audit. For teams already using JWTs, this is a natural fit that requires no additional infrastructure.
NGINX Plus: OpenID Connect (OIDC)
What’s new: NGF now supports native OIDC, enabling you to delegate authentication to external identity providers like Okta, Keycloak, and Azure AD without bolting on third-party solutions.
Why it matters: This is one of the top reasons our ingress controller customers choose NGINX Plus, and now it’s available in Gateway Fabric too. For enterprise teams that need identity integration as part of their platform, this removes a significant barrier and brings NGF firmly into the enterprise conversation.
Stability and Bug Fixes
This release also includes a number of stability improvements and bug fixes. Head over to the GitHub changelog and our public release docs for the full picture.
We’re proud of what the team put together here. It was great to see many of you at KubeCon Europe. The feedback we received was encouraging and we can’t wait for the next release!