Managing Public, Partner vs Private APIs Sample Documentation

Usecase

• Enable the internal use of APIs

• Help pick and choose subset of those to be used with partners

• Enabling building API ecosystems with partners that can unlock partnerships that cross industries (book a hotel and a car when you book a flight)

• Connect with APIs from partners

• Enable partners to connect with ours

• A further subset to be exposed as public APIs. Many of the same APIs used internally and with partners can be used as public APIs to drive additional business and help obtain new cusalexers.

The sample scenario is mentioned below.

Business story

• ABC organisation is an organisation that has separate departments for finance and operations other than their core business department which is mobile phone manufacturing.

• The core business department is called department_core and the finance department is called depratment_finance and operations department is named department_operations.

• The finance department handles the salaries of employees. The core department is responsible for maintaining the mobile phone manufacturing stock. The operations department handles maintenance work of the organization.

Description of each API is as follows.

1. Employee_info_API - Used by core and finance departments.
2. Mobile_stock_API - An API used to get current mobile stock details. Used by the core department.
3. Salary_details_API - An API used to get the salary of employees. Used by the finance department.
4. Maintenance_Task_API - An API used to get maintenance tasks required for the day.

Business use cases

1. For the above mentioned business scenario, deparment_finance needs to get the salary of each and every employee. This data is private to the Finance Department.

2. The department_core needs to know details about stocks such as the current stock price. This is private to the Core Department.

3. Both Finance and Core departments need to know the employee details of employees working in Core department. This data is only provided to the Core and Finance departments, and the Operations department should not be able to access this data.

4. The department_core and the public needs to know the current prices of the mobile phones.

5. The operations department needs to know the maintenance tasks required for the day.

6. When a public user gets a phone price of a phone in Brand “A” and model “B”, that user should be able predicted the prices of the pouches for the relevant model phone.

Sample Business Use Cases Related to Sample One

API Development - Managing Public, Partner vs Private APIs

The following define how the business story is related to a real world business scenario

• Using some of the APIs internally.

• Share a subset of those APIs with partners if needed.

• This will facilitate to develop an API ecosystems with partners. It will be helpful to maintain partnerships across industries.

• This enables to connect with partners while allowing them to connect with our APIs.

• Moreover, some APIs can be exposed as public APIs to expand the business operaions.

How this Business Scenario can be Achieved Using WSO2 API Manager

In API manager we need to create

• Three different tenants for the three departments with users that can create APIs

• An API visible only to the tenant relevant of finance department to get employee salary details.

• An API visible only to the tenant relevant of core department to get current mobile stock details

• An API visible only to the tenant relevant of operations department to get required maintenance task for the day.

• An API subscription visible only to the finance and core departments but restricted to operations departments, to get the employee details of employees working in the core departments.

• An API publicly visible, to get mobile phone prices by exposing a api to mobile phone prices. This API should be tagged as “mobile”. An API to get the prices of the mobile pouches. This should also have the tag “mobile”. In this scenario when an application client calls the mobile phone prices it will call another API to the API’s which has the same tag and get the relevant results. (When a user buys a mobile, matching pouches are predicted to buy.)

  Depending on the situation, we can specify the "Visibility on Store" as Public (the API is accessible to everyone) or Restricted by roles (the API is visible only to specific user roles in the tenant store that you specify).

Running the sample to populate the sample data

• Download the wso2am-2.1.0-updateX-sample-scenarios.

• Unzip and Copy sample-scenarios folder to <APIM_HOME> folder.

• Start the wso2am-2.1.0-updateX distribution.

• Go to <API-M_HOME>/sample-scenarios. Execute the run.sh file. Enter the scenario number as 1, when prompted.

User credentials needed for login

The screenshots below show how to create tenants and how to control API visibility.

Created APIs.

Created Tenants

The screenshot below shows that the user Chris can subscribe to the Salary_details_API since Chris belongs to the finance department.

The screenshot below shows that Chris can not subscribe to Mobile_stock_API because Chris does not belong to the core manufacturing department.

The screenshot below shows that user Alex can subscribe to the Mobile_stock_API since Alex belongs to the core manufacturing department.

The screenshots below shows that both Chris and Alex can subscribe to Employee_info_API since both of them are given privilege to access the Employee_info_API.

You can invoke and check the API’s giving results after subscribing to the relevant API’s and generating the keys.