...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
This sample scenario elaborates as to how you can use WSO2 API Manager to develop developer optimized APIs.
Table of Contents | ||||
---|---|---|---|---|
|
Use case
Business APIs can be accessed by different parties via different devices. Providing Therefore, providing an optimized and personalized experience for these different user stories is key to the success of digital transformation.
The same API can be accessed by different clients . E(e.g., mobile mobile devices, PC, TV, etc.).
The API developer should be able to optimize API output by identifying the client.
Optimization can be a composition of the multiple backend backends or stripdown.
APIs are prioritized based on the client.
Business
...
Story
For example, let’s take ABC organization which is a bank which ABC Bank is providing financial facilities such as loans, fixed deposits, etc. For these financial services Therefore, they have a requirement to produce provide the loan and fixed deposit rates. They have The bank also has an online facility for clients to log in and check their account information and perform transactions. Their requirement extends to In addition, ABC bank is also looking at developing a mobile banking solution as well.
...
Implementing the scenario using WSO2 API Manager
...
The bank needs APIs in order to achieve the above mentioned sample business story.
Expose the exchange ratesSend clients’ relevant .
Provide the clients with their respective account information.
Grant access to the online banking solution as well as the mobile banking solution.
In the future, they ABC bank will need more and more functionality exposed through APIs. However, but as for now, let’s consider only the above mentioned three APIs, and consider how we could achieve this using WSO2 API Manager.
The following sections explain how we can implement the latter mentioned use cases using WSO2 API Manager.
Table of Contents | ||||
---|---|---|---|---|
|
Business APIs accessed by different parties via different devices
WSO2 API Manager provides an SDK feature that generates SDKs for a variety of programming languages. This particular feature will address the first part of the sample scenario, i.e. “Business APIs can which is the requirement for the business APIs to be accessed by different parties via different devices”devices, where different SDKs can address the needs of the different types of consumers involved.
Here the The API consumers can create different clients using the a preferred programming language they prefer. For an example, let’s consider two parties that needs need an application that consumes the APIs using Python and Java. They can develop two applications using the SDK’s for Python and Java separately. The SDK, which is automatically generated through WSO2 API Manager, will handle the API invocation logic; while, the application developer only needs to focus on the business logic of the client and call the method with the respective parameters in the SDK.
Same API accessed by different clients
In WSO2 API Manager, clients can create separate Applications applications for the same API and in turn use these different applications to access the API. In this example, different users can get the interest rates for bank loan loans and fixed deposit rates deposits by subscribing to the Applications that applications, which provide the relevant APIs which , that the bank will be exposing has exposed to the public.
Furthermore, the client may be accessing this information via WSO2 API Manager using a mobile device. For this they Therefore, in order to cater to the latter mentioned requirement ABC bank can develop the client application using android SDK. same as for a java application they can get the java SDK and develop the client application by calling the the Android SDK, and similarly in order to create a client application using Java, they can use the Java SDK by calling the respective SDK methods.
API developer optimizing the API output by identifying the client
API developers can use the headers sent by the client and to detect the type of the client (e.g., if the client is a mobile device or not). For example, consider a client who is accessing the banks ABC bank's API’s and performing online account balance checking. In this the latter mentioned scenario, if the API developer needs to restrict the mobile allow mobile device clients from accessing all of the account information, instead restrict access to a select to only access a selected set of data of the their account details, and expose all the data to desktop application clients, that this can be achieved when using WSO2 API Manager by having a custom sequence in the API definition. For more information on adding custom sequences, see Adding Mediation Extensions.Consider a scenario where the
Example
For example if the API developer needs to restrict sending the address element for of the bank account details to the mobile device clients.
Code Block |
---|
<xml> <name>Chris Smith</name> <address>No 4, Street One, San Francisco.</address> <mobile>0718123456</mobile> </xml> |
The API developer can add the following custom sequences can be added to the API definition to achieve thisthe latter mentioned scenario.
In the following custom IN-sequence, it reads the User-Agent header and store stores it in a custom property in WSO2 API Manager.
Code Block | ||
---|---|---|
| ||
<sequence xmlns="http://ws.apache.org/ns/synapse" name="custom-in"> <description> Description</description> <property name="ClientAccessDevice" expression="$trp:User-Agent" /> </sequence> |
In the following custom OUT-sequence, a filter is introduced to read that the latter mentioned custom property and send the custom payload to the back end backend as follows,:
Code Block | ||
---|---|---|
| ||
<sequence xmlns="http://ws.apache.org/ns/synapse" name="custom-out"> <description>Custom out sequence to remove Address element</description> <filter source="get-property('ClientAccessDevice')" regex="iphone"> <then> <log level="custom"> <property name="ClientAccessDevice" value="then" /> </log> <script language="js"> var payload = mc.getPayloadXML(); delete payload.address; mc.setPayloadXML(payload); </script> </then> <else> </else> </filter> <property name="Client user device" expression="$trp:User-Agent" /> </sequence> |
The above API can be tested Test the above APIs using the following CURL commandscURL command.
Mobile Device Client
Localtabgroup | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
...
|
...
|
Desktop Device Client
Localtabgroup | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
...
|
...
|
Optimization can be a composition of
...
multiple
...
backends or stripdown
This is currently identified as a gap in the WSO2 API manager 2.12.0 implementation and a new feature addressing this via API composition is being developed in WSO2 Carbon 5.0 based release of the WSO2 API Manager.
Client based prioritization of the APIs
This is currently identified as a gap in the WSO2 API Manager 2.12.0 implementation, and will be addressed in the new features that will be delivered in the WSO2 Carbon 5.0 based release of the WSO2 API Manager.