WS@) wso2.com API Management ‘The huge amount of data and devices that make up the connected world have pushed APIs to the forefront of IT transformation for companies of all sizes, everywhere. Exposing enterprise data and processes to your customers, partners, or mobile developers can be a challenging task. You can leverage WSO2’s API Management solutions to design, implement, secure, and moni- tor your APIs and quickly deliver the value of APIs to your organization. WSO2 API Manager supports API design Provides self-service API access, and publishing as well as API lifecycle while retaining control by associating management, includes a developer portal, approval work'lows to critical actions provides APIs access control, and offers a such as subscriptions, application comprehensive set of analytics for IT Creation, of user sell-sign-up operations and API product managers. Secures APIs leveraging OAuth stan- dard and supports common OAuth Enables API discovery by providing grant profiles such as SAML, IWA, store experience, similar to mobile Password, or Implicit, allowing APIs to applications public stores. APIs can be be invoked in the context of web appli- documented, tagged, categorized, cations or mobile applications and tested right from the store itself Monitors AP! behavior, at operation Defines @ role-based access to API and business levels, and supports Publication, by clearly separating API Google Analytics as well as the WSO2 developers (creators) from API analytics platform publishers (who hold the responsibility to make an API publicly available)API MANAGER FRONT END Design Discover z fo} 2 2 Z Wanape ‘Subscribe| | Test 5 we ze API CREATORS & PUBLISHERS: API CONSUMERS zg 5 fi 3 Ss 8 ‘API GATEWAY EXISTING KEY MANAGEMENT /SO2 API Manager is part of a comprehensive, composite platform that can enable you to jonallty to your customers. You can adopt the rest of the platform at your your API management deployment matures and grows. Potential scenarios include: * Federated identity based on SAML or OpenID Connect * Policy-based authorization with XACML * Integrated service and API governanc * Advanced data and protocol transformation ele ener ee aera Rr acu ion available today, on-premise and in the cloud Dene Chee ee aaa etc accom rn oreo na ene Pe ee cue une ree Me een eR)FEATURES Design and Prototype APs Design APIs, gather developers’ feedback before implementing (API Fist Design). Design can be done from the publishing interface or via importing an existing Swagger 2.0 detnition Deploy a prototyped API, provide early access to APIs, and get early feedback Mock AP! implementation using JavaSoript ‘Supports publishing SOAP, REST, JSON, and XML style services as APIs Supports grouping of mutiole APIs based on the version Assample API to try-out for a hassle-free first experience Publish and Govern API Use Publish APIs to extemal consumers and partners, as well as to intemal users Ability 10 publish APIs to a selected set of gateways ina muli-gateway environment Support enforcement of corporate policies for actions ike subscriptions, application creation, etc. via customizable work lows Manage API visibilty and restrict access to specific partners or customers Manage API ifecyclo trom cradle to grave: create, publish, block, deprecate, and retire Publish bath production and s easy developer testing Manage API versions and deployment status by version (One-click deployment to API gatoway for immediate publishing box keys for APIs to enable Control ‘Access and Enforce Security Apply securly policies to APIs (authentication, authorization) Rely on OAuth? standard for API access (implicit, authorization code, client, SAML, IWA Grant Type) Rosvict API access toxens to domains/IPs Supports plugging in third-party key servers for application registration, loken generation & token validation apart {rom the WSO2 Key Manager Block a subscriotion and restrict a complete application Associate API available to system-detined service tiers Leverage XACML for entitlements management and fine-grain authorization Contigure Single Sign-On (SSO) using SAML 2.0 for easy integration with exisling web apps Create a Store of all Available APIs Graphical experience similar fo popular applications stores Browse and search APIs by provider, tags, or namo Provision API keys Subscribe to APIs and manage subscriptions on ger-application basis, Subscriptions can be at cifferent service tiers based on expected usage levels Try APIs directly from the storefront Internationalization support Common view ol the store for users registered under same organization Manage Developer Community Selt-egistration for developer community to subscribe to APIs Developer interaction with APIS via forums, comments, and ratings View API consumer analytics Manage API Tratfic ‘APL gateway can act as SSL termination point Supports protocol transformation, data transformation, and API composition Maps between HTTP(s) and other protocols, such as UMS or wiring to file systems Extremely high performance pass latency Enforces rate iting and throting policies for APIs by consumer Horizontally scalable with easy deployment into cluster using proven routing infrastructure Supports up to 1300 TPS on a single node ugh message routing with minimalFEATURES (Cont) Monitor API ‘= AILAPL usage published to pluggable analytics framework Usage and ‘* Out-of-the-box support for WSO2 Business Activity Monitor Performance and Google Analytics. Supports configuring WSO? Business Activity Monitor through a graphical intr ‘+ Track consumer analytics per API, per API version, per ters, and per consumer ‘+ Monitor SLA compliance * Alerting, realtime dashboards ‘= Publish your own events and create your own dashboards ‘= 008 suppor for everts based on throttling, faults latency within and from WS02 API Manager to targel and approvalirejection of self-egistration, subscription and app creation Pluggable, ‘+ All components are highly customizable through styling, theming, Extensible, and and code extensionsa Themeable * Storefront implemented with JaggeryiJavaScriot (jaggeryis.ora) for easy customization ‘+ Pluggable to thi-party analytics systems and billing systoms able to existing user repositories including Microsoft Active Directory, LOAP, databases, or Apache Cassandra + Componenis usable separately: API store can be used fo catalog APIs deployed in third-party gateways. Easily + Role-based access Depioyablein | «Src cane doloyed in DMZ or extemal access wih Your Enterprise publisher inside the firewall for private control + Biorent user stores for developer focused trerot and intemal operations in publaher « Integrates with enterpre dently systems inckiding LDAP and tose Active Directory + Gateway can be doployod in OMZ win controled access to \WSO2 Identy Serer (or autnenteatonfauthorzaton) and governance dalabase behing frewal rol for managing users and their WSO2 Platform | * Multi-tenancy Support management to mutiplo ‘+ Share APIS between different departments in a large ent Pee CPR Seu Canis BRE VCUn mec rutacl sysctl Oe ee eC eso ok Le cancun es ae uaa eNO cae Rg Dee ae cee a eeem er cca sec issocd Pee Meee ec TOTES oer ne ates ou CAC Caer uKclCnaa iia c(Cy Este Contact : bizdev@wso2.com for more details ‘on how we can help with your next enterprise IT project. [al