API Manager Features

Publishing and Governing APIs

• Publish secured, authenticated, authorized and protected APIs to external consumers and partners, as well as internal users.
• Supports publishing multiple protocols including SOAP, REST, JSON and XML style services as APIs.
• One-click deployment to API Gateway for immediate publishing.
• Manage many API versions parallely and deployment status by version.
• Govern the API life cycle.
• Produce comprehensive API documentation.
• Apply Security policies to APIs (authentication, authorization).
• Facilitates APIs with an associated, published, service-level agreement (SLA).
• Use a policy-based approach to securing APIs, managing access, and throttling usage.
• Provision and Manage API keys.
• Track consumers per API. 
• Collect usage, performance, and quality-of-service statistics to analyze trends.
• Monitor API usage, performance and SLA compliance.
• Scale hosted APIs to deal with increasing loads.
• Display and promote APIs in an API store.

Consuming APIs through the API Store

• User-friendly graphical experience of the API Store.
• Find useful APIs by browsing or searching through the API Store.
• Self-registration to developer community to subscribe to APIs.
• Comment on and rate APIs and view top-rated, most used and featured APIs.
• Explore API documentation and download helpers for easy consumption.
• Register applications and obtain API keys.
• Evaluate APIs, rate APIs, and share comments.
• OAuth2 support for API access.
• Utilizes type support granted by OAuth2 resource owner credentials.

Routing API Traffic

• Supports API authentication with OAUTH2.
• Extremely high performance pass-through message routing with sub-millisecond latency.
• Enforces rate limiting and throttling policies for APIs by consumer.
• Horizontally scalable with easy deployment into cluster using proven routing infrastructure.
• Scales to millions of developers/users.
• Captures all statistics and pushes to pluggable analytics system.
• Configure API routing policies with capabilities of WSO2 Enterprise Service Bus.

The Community Features

• Self-signup for API consumption.
• Manages user accounts including password reset.
• Developer interaction with APIs via comments and ratings.
• Ability to associate documentation and samples with APIs.
• Overall user friendliness of the API Store.
• Ability to tag APIs and powerful search capabilities.
•  Ability to provider feedback on APIs.
• Ability to track API usage by individual subscribers.

Governing Complete API Lifecycle:

• End-to-end API lifecycle management : create, publish, block, deprecate and retire.
• Publishes both production and sandbox keys for APIs to enable easy developer testing.

Usage and Performance Monitoring and Statistics

• Pluggable analytics framework for API usage publishing.
• Out of the box support for WSO2 Business Activity Monitor.
• Displays metrics by user, API and more.
• Customized reporting via plugable reporting engines.
• Monitors SLA compliance.

Pluggable, Extensible & Themeable:

• All components are highly customizable through styles, themes and open source code.
• Storefront implemented with Jaggery (jaggeryjs.org) for easy customization.
• Pluggable to third party analytics systems and billing systems (Available soon in future version).
• Pluggable to existing user stores via JDBC and LDAP.
• Components usable separately – storefront can be used to front APIs gateway via third party gateways such as Intel ServiceExpress.

Easily Deployable in Enterprise Setting

• Role-based access control for managing users and their authorization levels.
• Storefront can be deployed in DMZ for external access with 'publisher' inside the firewall for private control.
• Different user stores for developer focused store-front and internal operations in publisher.
• Integrates with enterprise identity systems including LDAP and Microsoft Active Directory.
• Gateway can be deployed in DMZ with controlled access to WSO2 Identity Server (for authentication/authorization) and governance database behind firewall.