Two years ago, we introduced eoAPI as a set of modular services for building cloud-native Earth observation platforms. Since then, it’s powered systems like NASA’s VEDA and ESA’s EOEPCA, and is showing up in repos and production stacks around the world.

The draw? It just works — and scales. This year, we’ve focused on refining deployments, simplifying auth, and building tools that open the stack to more people. Here’s what’s new.

Cloud-Agnostic and Kubernetes-Ready

Over the past few months, we’ve made major strides toward making eoAPI truly cloud-agnostic. Our Helm charts have been comprehensively refactored to support deployments across AWS, Google Cloud, Azure, and European cloud providers like Cloudferro.

Key improvements include:

• Unified PostgreSQL configuration for both managed services like RDS and self-hosted options.
• Consolidated ingress layers that work seamlessly across controllers.
• Integrated authentication support through our new STAC Auth Proxy.

eoAPI gives you infrastructure that just works, and the flexibility to manage and scale as your needs evolve. And hopefully makes your life easier.

We’re also investing in clearer docs, deployment guides, and community examples to make this process even smoother.

Smarter Security for STAC

Securing EO data is nuanced. The diverse needs of Earth observation systems have exposed gaps in tooling, often leaving teams to build one-off solutions. This year, we launched the STAC Auth Proxy — a lightweight way to add authentication and authorization to STAC APIs.

Unlike general-purpose API gateways, STAC Auth Proxy understands the structure of STAC catalogs and applies fine-grained, row-level security using CQL2 expressions. It augments OpenAPI specifications and STAC records with authentication details through the Authentication Extension, making it easier to understand and manage data access.

Additionally, most deployments require consistent authentication strategies across tiling services, vector APIs, ingestion endpoints, and more. We’re working toward unified auth patterns across the eoAPI stack, starting with improved documentation and standardized token-based access methods.

Managing Your Catalogs, Without the Code

More applications are relying on STAC metadata for discovery, but also for rendering configs, keyword taxonomies, and user filtering. That’s a huge win for interoperability, but also a challenge for data curators, who aren’t always developers.

STAC Manager aims to fill that gap. It’s a user-friendly web app for managing STAC catalogs. Our goal? For STAC Manager to become to catalog curation what STAC Browser is to catalog browsing.

Features include:

• Form-based creation and editing of STAC collections and items.
• Built-in validation for core STAC fields and common extensions.
• Search functionality for quickly locating records.
• JSON editing options for advanced users.
• Integration with authentication systems for secure access.

Not every data steward wants to write JSON or curl POSTs. STAC Manager makes it easier for domain experts to manage their catalogs — without becoming API experts.

Other Core Improvements

We’ve continued to invest in the foundations that make eoAPI fast, flexible, and ready for what’s next:

• pgSTAC is getting easier to tune and monitor, with support for configurable queryables and an upcoming admin guide.
• GeoParquet support is in early stages, enabling leaner deployments for lighter use cases.
• CQL2-rs powers fast, standards-based filtering across the stack — from STAC Auth Proxy to TiPG.
• obstore unlocks high-throughput object storage access with Rust-powered speed.
• rustac brings native-speed STAC processing to Python workflows.

Join the Conversation

eoAPI is built in the open — shaped by real-world feedback and shared needs. Whether you're deploying on AWS, Azure, GCP, or European cloud providers, we'd love to hear from you.

Join our Discussions, try out a tool, or drop us a note with your feedback or use case.