Publishing and Governing APIs
- Publish secured, authenticated, authorized and protected APIs to external consumers and partners, as well as internal users.
- Supports publishing multiple protocols including SOAP, REST, JSON and XML style services as APIs.
- One-click deployment to API Gateway for immediate publishing.
- Manage many API versions parallely and deployment status by version.
- Govern the API life cycle.
- Produce comprehensive API documentation.
- Apply Security policies to APIs (authentication, authorization).
- Facilitates APIs with an associated, published, service-level agreement (SLA).
- Use a policy-based approach to securing APIs, managing access, and throttling usage.
- Provision and Manage API keys.
- Track consumers per API.
- Collect usage, performance, and quality-of-service statistics to analyze trends.
- Monitor API usage, performance and SLA compliance.
- Scale hosted APIs to deal with increasing loads.
- Display and promote APIs in an API store.
Consuming APIs through the API Store
- User-friendly graphical experience of the API Store.
- Find useful APIs by browsing or searching through the API Store.
- Self-registration to developer community to subscribe to APIs.
- Comment on and rate APIs and view top-rated, most used and featured APIs.
- Explore API documentation and download helpers for easy consumption.
- Register applications and obtain API keys.
- Evaluate APIs, rate APIs, and share comments.
- OAuth2 support for API access.
- Utilizes type support granted by OAuth2 resource owner credentials.
Routing API Traffic
- Supports API authentication with OAUTH2.
- Extremely high performance pass-through message routing with sub-millisecond latency.
- Enforces rate limiting and throttling policies for APIs by consumer.
- Horizontally scalable with easy deployment into cluster using proven routing infrastructure.
- Scales to millions of developers/users.
- Captures all statistics and pushes to pluggable analytics system.
- Configure API routing policies with capabilities of WSO2 Enterprise Service Bus.
The Community Features
- Self-signup for API consumption.
- Manages user accounts including password reset.
- Developer interaction with APIs via comments and ratings.
- Ability to associate documentation and samples with APIs.
- Overall user friendliness of the API Store.
- Ability to tag APIs and powerful search capabilities.
- Ability to provider feedback on APIs.
- Ability to track API usage by individual subscribers.
Governing Complete API Lifecycle:
- End-to-end API lifecycle management : create, publish, block, deprecate and retire.
- Publishes both production and sandbox keys for APIs to enable easy developer testing.
Usage and Performance Monitoring and Statistics
- Pluggable analytics framework for API usage publishing.
- Out of the box support for WSO2 Business Activity Monitor.
- Displays metrics by user, API and more.
- Customized reporting via plugable reporting engines.
- Monitors SLA compliance.
Pluggable, Extensible & Themeable:
- All components are highly customizable through styles, themes and open source code.
- Storefront implemented with Jaggery (jaggeryjs.org) for easy customization.
- Pluggable to third party analytics systems and billing systems (Available soon in future version).
- Pluggable to existing user stores via JDBC and LDAP.
- Components usable separately – storefront can be used to front APIs gateway via third party gateways such as Intel ServiceExpress.
Easily Deployable in Enterprise Setting
- Role-based access control for managing users and their authorization levels.
- Storefront can be deployed in DMZ for external access with 'publisher' inside the firewall for private control.
- Different user stores for developer focused store-front and internal operations in publisher.
- Integrates with enterprise identity systems including LDAP and Microsoft Active Directory.
- Gateway can be deployed in DMZ with controlled access to WSO2 Identity Server (for authentication/authorization) and governance database behind firewall.