Versions Compared

Old Version 1

changes.mady.by.user Former user

Saved on

compared with

New Version 2

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Reviewed and updated

Usecase

...

Enable the internal use of APIs

...

Help pick and choose subset of those to be used with partners

...

This sample scenario elaborates as to how you can manage public vs. partner vs. private APIs with WSO2 API Manager.

Table of Contents
maxLevel3
minLevel3

Use case

The following are the use cases with regard to managing public vs. partner vs. private APIs.

  • Ability to use some of the APIs internally.

  • Ability to share a subset of the internal APIs with partners.

  • As a result of the latter mentioned use case, it should facilitate the development of an API ecosystems with partners across industries (e.g., ability to book a hotel and a car when you book as well at the time of booking a flight).

    • Connect with APIs

      • from partners

    • that are owned by your partner

    • Enable partners to connect with

      • ours
    A further subset to

    • your APIs

  • Expose some of the APIs as public APIs to expand the business operations.
    Maintain a further subset of the APIs so that it can be exposed as public APIs. Many of the same APIs that are used internally and with partners can be used as public APIs in order to drive additional business and help obtain new cusalexers.

...

  • customers.

Business story

  • ABC organisation organization is an organisation organization that has separate departments for finance and operations other than their core business department which is mobile phone manufacturing.

  • The core business department is called , finance, and operations departments are named department_core and the finance department is called depratment_finance and operations department is named department_operations , department_finance, and department_operations respectively.

  • The finance department handles the salaries of employees. The core department is responsible for maintaining the mobile phone manufacturing stock. The operations department handles maintenance work of the organization.

Description of each API is as follows.:

  1. Employee_info_API - Used by the core and finance departments.
  2. Mobile_stock_API - An This API is used to get details of the current mobile stock details. Used , and is used by the core department.
  3. Salary_details_API - An This API is used to get the details with regard to the salary of employees. Used the employees, and is used by the finance department.
  4. Maintenance_Task_API - An API used to get maintenance tasks required for the day.

Business use cases

...

The following user cases are related to the above mentioned sample business scenario

...

.

  1. The finance department (deparment_finance) needs to get the salary of each and every employee. This data is private to the Finance Departmentfinance department.

  2. The core department (department_core) needs to know the details about stocks such as the stocks (e.g., the current stock price). This is private to the Core Departmentcore department.

  3. Both Finance The finance and Core core departments both need to know the employee details of the employees who are working in Core department. This data is only provided to the Core core and Finance departments, and the Operations finance departments. The operations department should not be able to access this the latter mentioned data.

  4. The core department (department_core) and the public needs need to know the current prices of the mobile phones.

  5. The operations department ( department_operations) needs to know the maintenance tasks required for the day.

  6. When a public user gets a phone the details with regard to the price of a phone in Brand , which belongs to brand “A” and model “B”, that same user should be able predicted automatically shown the prices of the pouches for the relevant model phone.

Sample Business Use Cases Related to Sample One

API Development - Managing Public, Partner vs Private APIs

The following define how the business story is related to a real world business scenario

  • Using some of the APIs internally.

  • Share a subset of those APIs with partners if needed.

  • This will facilitate to develop an API ecosystems with partners. It will be helpful to maintain partnerships across industries.

  • This enables to connect with partners while allowing them to connect with our APIs.

  • Moreover, some APIs can be exposed as public APIs to expand the business operaions.

How this Business Scenario can be Achieved Using WSO2 API Manager

In API manager we need to create

  • Three different tenants for the three departments with users that can create APIs

  • An API visible only to the tenant relevant of finance department to get employee salary details.

  • An API visible only to the tenant relevant of core department to get current mobile stock details

  • An API visible only to the tenant relevant of operations department to get required maintenance task for the day.

  • An API subscription visible only to the finance and core departments but restricted to operations departments, to get the employee details of employees working in the core departments.

  • An API publicly visible, to get mobile phone prices by exposing a api to mobile phone prices. This API should be tagged as “mobile”. An API to get the prices of the mobile pouches. This should also have the tag “mobile”. In this scenario when an application client calls the mobile phone prices it will call another API to the API’s which has the same tag and get the relevant results. (When a user buys a mobile, matching pouches are predicted to buy.)

    Note

    Depending on the situation, we can specify the "Visibility on Store" as Public (the API is accessible to everyone) or Restricted by roles (the API is visible only to specific user roles in the tenant store that you specify).

Running the sample to populate the sample data

...

  1. phone pouches that correspond to that relevant phone model.

Running the sample

Run the sample as follows to populate the sample data:

  1. Download wso2am-2.2.0-sample-scenarios.

  2. Unzip and

...

  1. copy sample-scenarios folder to

...

  1. <API-M_HOME> folder.

  2. Start the wso2am-2.

...

  1. 2.0

...

  1. distribution.

  2. Go to <API-M_HOME>/sample-scenarios

...

  1.  directory and execute the run.sh file. 

    Code Block
    ./run.sh

  2. Enter the scenario number as 1, when prompted.

User credentials

...

The following are the user credentials that you need to use when signing in to the WSO2 API Manager instance that has the sample data populated.

UserUsernamePassword

Finance department user

chris@financejohn@finance.abc.com123123
Manufacturing department useralex@coretom@core.abc.com123123
Maintenance department usersam@operationsbob@operations.abc.com123123

...

Created APIs.

Screen Shot 2017-11-06 at 12.44.27 PM.pngImage Removed

Created Tenants

Screen Shot 2017-11-06 at 12.44.52 PM.pngImage Removed

...

Implementing the scenario using WSO2 API Manager

You need to do the following in WSO2 API Manager.

  1. Create three different tenants for the three departments with users that can create APIs.
    The screen shot below illustrates the tenants in the system.
    Screen Shot 2017-11-06 at 12.44.52 PM.pngImage AddedThe following screen shot depicts the created APIs.
    Screen Shot 2017-11-06 at 12.44.27 PM.pngImage Added

  2. Create an API that is visible only to the tenant who is part of the finance department, in order to get the employee salary details.

    The screen shot below illustrates that John can subscribe to the Salary_details_API

...

  1.  as John belongs to the finance department.

    Image Modified

    The

...

  1. screen shot below

...

  1. illustrates that John can not subscribe to the Mobile_stock_API

...

  1. , because John does not belong to the core manufacturing department.

    Image Modified

...

  1. Create an API that is visible only to the tenant who is part of the core department, in order to get the current mobile stock details.
    The screen shot below illustrates that Tom can subscribe to the Mobile_stock_API

...

  1. as Tom belongs to the core manufacturing department.

    Image Modified

...

  2. Create an API that is visible only to the tenant who is part of the operations department, in order to get the maintenance tasks that are required for the day.

  3. Create an API subscription that is visible only to the finance and core departments, but restricted to the operations departments, in order to get the details of employees who are working in the core departments.

    The screen shots below illustrates that both John and Tom can subscribe to Employee_info_API

...

  1.  as they have permission to access the Employee_info_API API.

    Image Modified


    Image Modified

  2. Create an API that is publicly visible, to get mobile phone prices by exposing the API to the mobile phone prices. This API should be tagged as “mobile”. 

    Note

    Depending on the situation, you can specify the "Visibility on the Store" as Public, which means that the API is accessible to everyone, or you can restrict by roles, whereby the API is visible only to specific user roles in the tenant store that you specified).

  3. Create an API to get the prices of the mobile pouches. This should also have the tag “mobile”. In this scenario, when an application client sends a request for the mobile phone prices it will also send a request to another API that has the same tag and get the relevant results. (When a user buys a mobile, it should predict the available matching mobile pouches that are for sale.)

You can invoke and check the API’s giving results after subscribing to the relevant API’s and generating the keys.