Versions Compared

Old Version 1

changes.mady.by.user Former user

Saved on

compared with

New Version 2

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Reviewed

...

This sample scenario demonstrates how to govern an API.

Table of Contents

Use case

  • Control and track the broader operational characteristics of how APIs get exposed.

  • Manage and maintain policy characteristics such as metering, SLAs, availability and performance.

  • Policy management specific to different partners and developers.

  • People and persona-driven governance models (who can do what and when).

  • Dependency analysis; track which services fuel which APIs, and which APIs fuel which apps.

Business story

  • Assume that there is an organization that needs to get data related to their API usage. They need to give more traffic to the API’s that are accessed frequently. Out of those APIs, they need to give more traffic to a particular resource in a particular API.

  • This organization has a separate unit that needs traffic management policies to manage their API’s separately.

  • There are users that only need to invoke the APIs. They are not offered API developer capabilities.

  • They need to know how the services are consumed by the end users.

Business use cases

...


Let's assume ABC is a mobile phone manufacturing company.

...

  • They need to publish mobile phone the stock availability of mobile phones through an API and they need to give more traffic availability to this API’s getStock resource.
  • They have a separate finance department to which they need to allocate less traffic since this API is only accessed by the finance department.
  • They have users that do not have privilege privileges to develop the APIs and only have rights to consume the APIs.
  • They need to monitor the API usage , to manage the traffic allocations of the APIs.

How this business scenario is achieved using WSO2 API Manager

  • Place the wso2am-analytics-2.2.0-updateX pack in the same location as the wso2am-2.2.0-updateX pack.

  • Custom advanced throttling policies for the APIs.

  • A separate tenant is required for the finance department and custom advanced throttling policies are required for that tenant.

  • Two APIs; one for the super tenant, that exposes the mobile phone prices and the other for the tenant created for the finance department, which is a private API that retrieves salary details of the employees.

  • Engage the new advanced throttle policies with the two newly created APIs above.

  • Create a user who does not have permission to the Publisher.

  • Invoke the APIs and check the analytics graphs to check the API usability statistics.

Below are the screenshots that show the old and new APIs with their respective lifecycle states.

Created API for super tenant

Image Removed

Created API for finance department

Image Removed

Engaged advance throttle policy for the stock GET request in super tenant

Image Removed

Alex can log in to the Store

Image Removed

Alex cannot log in to the Publisher since it has been restricted

Image Removed

Advanced throttling policy engaged to finance department

Image Removed

Add advanced throttling policies in the Admin app

Image Removed

Image Removed

Image Removed

After users start invoking APIs, statistics appear in the Publisher, as shown below:

Image Removed

Image Removed

Image Removed

Running the sample to populate the sample data

  • Start the wso2am-analytics-2.2.0-updateX distribution.
  • Start wso2am-2.2.0-updateX, after starting the APIM analytics node

Running the sample

Run the sample as follows to populate the sample data:

  1. Download WSO2 API-M Analytics to the same location as the WSO2 API Manager distribution and configure it.

  2. Download the WSO2 API Manager sample scenarios.
  3. Unzip the sample-scenarios ZIP file and rename the unzipped folder to sample-scenarios.
  4. Copy the sample-scenarios folder to the <API-M_HOME> folder.

  5. Start the WSO2 API Manager Server.

  6. Go to <API-M_HOME>/sample-scenarios

...

  1.  directory and execute the run.sh file. 

    Code Block
    ./run.sh

  2. Enter the scenario number as 9, when prompted.

User

...

credentials

The following are the user credentials that you need to use when signing in to the WSO2 API Manager instance that has the sample data populated.

UserUsernamePassword

Super tenant

adminadmin
Store only
alex
alex@store.abc.com123123
Finance department user
chris@finance
john@finance.abc.com123123

Implement using WSO2 API Manager

Follow the instructions below to implement the above business scenario using WSO2 API Manger.


  1. Create two different tenants (alex@store.abc.com and john@finance.abc.com) with users (Alex and John respectively), where Alex only has permissions to the API Store but not to the API Publisher, and John with permission to create and publish APIs.
  2. Log in as the admin user and create two new advanced throttling policies (100KKBPerMin and 100KPerMin).

    Image Added

    Image Added

  3. Log in as the admin user and create an API that exposes the mobile phone prices.
    Image Added
  4. Engage the new advanced throttle policy, 100KPerMin, for the stock GET request.
    Image Added
  5. Log in as John and create a private API that retrieves salary details of the employees.
    Image Added

  6. Engage the new advanced throttle policy, 100KKBPerMin, for the stock GET request.
    Image Added

  7. Log in as Alex and invoke the APIs in the API Store. 

  8. Log back in as John and check the analytics graphs in the API Publisher to check the API usability statistics,

    Image Added

    Image Added

    Image Added



Info
References

https://wso2.com/library/articles/2016/09/article-generating-insights-with-wso2-api-manager-analytics/#apistore