This sample scenario demonstrates how to govern an API.
Use case
- Control and track the broader operational characteristics of how APIs get exposed.
- Manage and maintain policy characteristics such as metering, SLAs, availability and performance.
- Policy management specific to different partners and developers.
- People and persona-driven governance models (who can do what and when).
- Dependency analysis; track which services fuel which APIs, and which APIs fuel which apps.
Business story
Let's assume ABC is a mobile phone manufacturing company.
- They need to publish the stock availability of mobile phones through an API and give more traffic availability to this API’s getStock resource.
- They have a separate finance department to which they need to allocate less traffic since this API is only accessed by the finance department.
- They have users that do not have privileges to develop the APIs and only have rights to consume the APIs.
- They need to monitor the API usage to manage the traffic allocations of the APIs.
Running the sample
Run the sample as follows to populate the sample data:
- Download WSO2 API-M Analytics to the same location as the WSO2 API Manager distribution and configure it.
- Download the WSO2 API Manager sample scenarios.
- Unzip the sample-scenarios ZIP file and rename the unzipped folder to sample-scenarios.
- Copy the sample-scenarios folder to the <API-M_HOME> folder.
- Start the WSO2 API Manager Server.
- Go to the <API-M_HOME>/sample-scenarios directory and execute the run.sh file: ./run.sh
- Enter the scenario number as 9, when prompted.
User credentials
The following are the user credentials that you need to use when signing in to the WSO2 API Manager instance that has the sample data populated.
User | Username | Password |
---|---|---|
Super tenant | admin | admin |
Store only | alex@store.abc.com | 123123 |
Finance department user | john@finance.abc.com | 123123 |
Implement using WSO2 API Manager
Follow the instructions below to implement the above business scenario using WSO2 API Manager.
- Create two different tenants (alex@store.abc.com and john@finance.abc.com) with users (Alex and John respectively), where Alex only has permissions to the API Store but not to the API Publisher, and John has permission to create and publish APIs.
- Log in as the admin user and create two new advanced throttling policies (100KKBPerMin and 100KPerMin).
- Log in as the admin user and create an API that exposes the mobile phone prices.
- Engage the new advanced throttle policy, 100KPerMin, for the stock GET request.
- Log in as John and create a private API that retrieves salary details of the employees.
- Engage the new advanced throttle policy, 100KKBPerMin, for the stock GET request.
- Log in as Alex and invoke the APIs in the API Store.
- Log back in as John and check the analytics graphs in the API Publisher to check the API usability statistics.
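
The following added example (not WSO2 code and not part of the sample scenario) is a simplified fixed-window model of how the two resource-level policies above would treat the same traffic differently. It assumes, from the policy names only, that 100KPerMin caps request count and 100KKBPerMin caps bandwidth in KB per minute; `ResourceThrottle`, `replay` and the sample events are hypothetical.

```python
from dataclasses import dataclass

WINDOW_SECONDS = 60  # both sample policies are named "...PerMin"


@dataclass(frozen=True)
class Policy:
    quota_type: str  # "requests" or "bandwidth_kb"
    limit: int       # units allowed per window


# Assumption: meanings inferred from the policy names on this page.
POLICIES = {
    "100KPerMin": Policy("requests", 100_000),
    "100KKBPerMin": Policy("bandwidth_kb", 100_000),
}


class ResourceThrottle:
    """Fixed-window quota counter for a single API resource."""

    def __init__(self, policy_name):
        self.policy = POLICIES[policy_name]
        self.window_start = None
        self.used = 0

    def allow(self, now, payload_kb):
        # Start a fresh window on first use or once the minute has elapsed.
        if self.window_start is None or now - self.window_start >= WINDOW_SECONDS:
            self.window_start, self.used = now, 0
        cost = 1 if self.policy.quota_type == "requests" else payload_kb
        if self.used + cost > self.policy.limit:
            return False  # throttled: quota for this window is exhausted
        self.used += cost
        return True


def replay(policy_name, events):
    """Return the allow/throttle decision for each (timestamp, payload_kb)."""
    throttle = ResourceThrottle(policy_name)
    return [throttle.allow(ts, kb) for ts, kb in events]


# Constructed traffic: (seconds since start, payload size in KB).
SAMPLE_EVENTS = [(0, 40_000), (10, 40_000), (20, 40_000), (61, 40_000)]

if __name__ == "__main__":
    for name in POLICIES:
        print(name, replay(name, SAMPLE_EVENTS))
```

Under these assumptions a few large payloads exhaust the bandwidth policy long before the request-count policy notices them, which is why the choice of quota type per resource matters when allocating traffic.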