WSO2 API Manager: A Leader in Forrester Wave Q3 2024 Report

Forrester’s Evaluation: What Defines the Leaders?

Forrester’s rigorous analysis involves 26 criteria, evaluating vendors on factors such as their current offering, strategy, and market presence. These criteria focus on an API platform’s ability to manage the entire API lifecycle, ensure security, and offer scalable and flexible deployment options to meet diverse enterprise needs. WSO2’s strong performance in categories like API lifecycle management, security, and deployment flexibility underscores its leadership position. With standout features like full lifecycle management, OAuth2.0 support, and hybrid/multi-cloud deployment, WSO2 is highly regarded for its versatility and ability to meet both traditional and cloud-native enterprise architectures.

The WSO2 platform also excelled in developer experience, where its microservices support, API discovery tools, and collaboration features received high praise. WSO2’s seamless integration with its broader suite of products, such as the WSO2 Identity Server and WSO2 Enterprise Integrator, along with its customer-centric innovation, contributed significantly to its leadership ranking.

WSO2 API Manager’s Key Strengths

  • Full API Lifecycle Management

WSO2 API Manager provides a comprehensive solution to manage the entire API lifecycle, from design and publication to retirement. This approach ensures that organizations have total control over their APIs while adapting to evolving business needs. WSO2’s support for both traditional and microservices-based API management offers the flexibility enterprises require.

  • Strong Focus on Security and Compliance

One of the critical challenges of API management is ensuring robust security while maintaining compliance with industry standards. WSO2 API Manager excels in this area by offering advanced API security features such as rate limiting, OAuth2.0, and role-based access control (RBAC). Additionally, the platform’s compliance with various standards and regulations provides enterprises with the confidence that their APIs are secure and compliant with evolving regulatory requirements.

  • Hybrid and Multi-Cloud Deployment

As enterprises increasingly adopt hybrid and multi-cloud environments, API platforms must be adaptable. WSO2 API Manager allows organizations to deploy APIs in on-premises, cloud, or hybrid environments, offering the scalability and agility required to meet evolving infrastructure needs.

  • Seamless Integration with WSO2 Ecosystem

WSO2 API Manager integrates seamlessly with other products in the WSO2 ecosystem, such as the WSO2 Identity Server and Enterprise Integrator. This holistic integration provides a unified platform for handling APIs, identities, and system integrations, which can simplify IT operations and boost productivity across various departments.

  • Developer-Friendly Features

WSO2 API Manager offers a developer-friendly environment with a built-in API marketplace and developer portal, enabling API discovery, collaboration, and reuse. With powerful monitoring, versioning, and analytics tools, developers can easily create, modify, and track APIs, fostering innovation across teams.

Why WSO2 is Ranked as a Leader

WSO2’s leadership in the Forrester Wave™ report stems from its ability to balance rich functionality with flexibility. Its API management solution caters to a wide range of use cases, from traditional on-premises deployments to modern cloud-native architectures. This versatility, along with competitive pricing and a strong commitment to customer-driven innovation, positions WSO2 as a leading choice for enterprises seeking to scale their API programs effectively.

Forrester also highlighted WSO2’s customer-centric approach, where the company continuously enhances its platform based on client feedback, ensuring that it meets the evolving demands of the API management landscape.

Looking Ahead: WSO2’s Future-Ready Roadmap

WSO2’s roadmap focuses on further enhancing its support for cloud-native technologies and expanding capabilities around API analytics and artificial intelligence-driven insights. The company is also keen on introducing features that streamline API security in increasingly complex multi-cloud ecosystems.

Conclusion

WSO2’s recognition as a leader in the Forrester Wave™ API Management Software, Q3 2024 report is a testament to its comprehensive feature set, commitment to innovation, and ability to meet the growing demands of enterprises in the API-driven economy. Whether your organization is adopting APIs to enhance internal operations or deliver new digital experiences, WSO2 offers a solution that can scale alongside your business, making it a top contender for enterprises seeking a future-proof API management platform.

As the API management landscape continues to evolve, WSO2’s position as a leader is likely to strengthen, offering companies an agile and secure way to capitalize on the full potential of their APIs.

For more insights into how WSO2 performed in the report, you can view the complete Forrester Wave™ API Management Software, Q3 2024 report here – https://reprint.forrester.com/reports/the-forrester-wave-tm-api-management-software-q3-2024-8039c3ee/index.html.

Tellestia is a proud WSO2 partner. If you’re interested in a quick demo of WSO2 API Manager, please reach out to us at info@tellestia.com to schedule a session.

Guide to Creating an API Product and Grouping APIs in WSO2 API Manager

Prerequisites

Before we dive into the steps, make sure you have the following in place:

  • WSO2 API Manager installed and running.
  • Admin access to WSO2 API Manager.
  • APIs already created and published that you want to group into a product.

Step 1: Log in to the API Publisher

To start, you need to log in to the WSO2 API Publisher.

  • Open your web browser and navigate to the WSO2 API Publisher portal.
  • Log in using your administrative credentials.

This will take you to the main dashboard where you can manage your APIs and products.

Step 2: Create an API Product

Creating an API Product is the first step towards grouping your APIs under a single entity.

1. Navigate to the API Products Section:

  • Click on the “API Products” tab in the top navigation menu.
  • Click on “Create API Product”.
Navigate to the API Products Section

2. Define API Product Details:

  • Name: Enter a name for your API Product.
  • Context: Provide a context for the API Product (e.g., /product1).
  • Version: Specify the version (e.g., v1).
  • Visibility: Choose the visibility scope (e.g., Public, Restricted, etc.).
Define API Product Details

3. Select APIs to Include in the Product:

  • Click on the “Add APIs” button.
  • Select the APIs you want to include in the product from the list.
  • Click “Add” to include the selected APIs.
Select APIs to Include in the Product

4. Configure API Product Resources:

  • Review and configure the resources from the included APIs.
  • Adjust the resource paths and methods as needed.
Configure API Product Resources

5. Save and Publish:

  • Once all configurations are done, click “Save”.
  • Publish the API Product by clicking “Publish”.
Save and Publish

Step 3: Grouping APIs in the API Product

Grouping APIs allows you to bundle related endpoints together, making it easier to manage and access them.

1. Add API Resources:

  • After selecting APIs, you’ll see a list of resources (endpoints) available in those APIs.
  • Group these resources by selecting the ones you want to bundle together under specific paths.
Grouping APIs in the API Product

2. Define the Grouping Logic:

  • For instance, you can group resources based on functionality (e.g., all user-related endpoints can be grouped together).
  • Use the UI to drag and drop or check/uncheck resources to create logical groupings.
Define the Grouping Logic

Step 4: Configure Policies and Settings

Configuring policies and settings ensures that your API Product is secure, manageable, and aligned with your business goals.

1. Rate Limiting Policies:

  • Apply rate limiting policies to control the usage of the API Product.
  • Set throttling limits to manage the number of requests per minute/hour/day.
Configure Policies and Settings

2. Subscription Tiers:

  • Define subscription tiers that users can select when subscribing to the API Product.
  • Ensure that the tiers align with your business goals and usage policies.
Subscription Tiers

3. Security Settings:

  • Configure security settings such as OAuth2.0 for authentication.
  • Set scopes and roles to manage access control.
Security Settings

Step 5: Test the API Product

Testing your API Product is crucial to ensure that it functions as expected and that developers can use it effectively.

1. Access the API Developer Portal:

  • Switch to the WSO2 API Developer Portal.
Test the API Product
  • Find your published API Product.
Fnid your published API

2. Subscribe and Generate Keys:

  • Subscribe to the API Product using an application.
Subscribe and Generate Keys
  • Generate API keys or tokens required for accessing the APIs.
Generate API keys

3. Invoke the APIs:

  • Use tools like Postman or cURL to send requests to the API endpoints.
  • Ensure that the requests are routed correctly and responses are as expected.

Conclusion

By following these steps, you’ll successfully create API Products and group APIs within WSO2 API Manager. This approach fosters organized API management, facilitates the application of common policies, and enhances the developer experience.

Key Benefits of API Product Creation:

  • Improved Developer Experience: Offers a streamlined and intuitive interface for developers to discover and consume APIs.
  • Enhanced API Management: Simplifies the management of large API portfolios by grouping related APIs together.
  • Effective Policy Enforcement: Enables consistent application of security, rate limiting, and other policies across API Products.
  • Optimized Resource Utilization: Facilitates efficient resource allocation and monitoring.
  • Accelerated Time-to-Market: Speeds up the process of exposing APIs to developers.

Leverage API Products for Business Growth

By effectively utilizing API Products in WSO2 API Manager, you can unlock new revenue streams, foster innovation, and strengthen your digital ecosystem. Consider these additional strategies:

  • Partner Onboarding: Create API Products tailored for specific partner segments to facilitate collaboration.
  • Developer Engagement: Offer comprehensive documentation, support, and developer portals to enhance developer satisfaction.
  • Monetization: Explore various monetization models such as pay-per-use, subscription-based, or freemium options.
  • API Lifecycle Management: Implement robust processes for API creation, testing, deployment, and retirement.

By embracing API Products as a core component of your API strategy, you can position your organization for long-term success in the digital age. For any query or questions on API Product & grouping, please reach out to us at info@tellestia.com

WSO2 API Manager 4.2 – What, Why & How to Upgrade from an Older Version

Why Upgrade to WSO2 APIM 4.2.0? 

1. Access to New Features and Enhancements 

WSO2 APIM 4.2 introduces a plethora of features and improvements designed based on customer feedback and market trends. Below is the list of features added to WSO2 API 4.2.0 from its successor release of 4.1.0. These features are aimed at improving performance, security, and usability.  

  • JDK 17 support 
  • Open Telemetry Support 
  • Datadog integration with WSO2 API Manager 
  • ELK Support for MI 
  • Configuring Self Sign up through Admin Portal 
  • Configuring API Lifecycle through Admin Portal 
  • Enable logs without server restart 
  • Removal of Jaggery Apps from Portals 
  • Registry artifact view support for MI Management API/Dashboard 
  • Gateway Support for Single Usage Token 
  • Support for managing Common API Policies with APICTL 
  • Handling accidental deletions of shared backend certificates 
  • API Linters for validating the API Specifications 
  • Generate API Documentation Automatically from OAS 
  • Support for managing Rate Limiting Policies with APICTL 
  • MI Dashboard Improvement and Search capability for MI Management API 

2. Security and Vulnerability Fixes 

With the digital threat landscape constantly evolving, staying ahead of vulnerabilities is critical. WSO2 APIM 4.2 includes fixes for known vulnerabilities and security enhancements, ensuring your API management platform is secure against the latest threats. 

3. Enhanced User Experience and Performance 

Transitioning from older versions to WSO2 APIM 4.2, users can expect a more responsive, user-friendly interface built with the latest technologies. Performance improvements includes 

  • Reduced startup times  
  • Lower memory utilization for product installation & services executions 
  • Enhanced throughput  

4. Support Lifecycle and End of Life (EOL) 

WSO2 provides support for each product version for a minimum of three years from its release date. Post this period, the version reaches its End of Life (EOL) and is no longer supported. Upgrading before the EOL ensures continuous support and avoids potential risks associated with unsupported software. 

Preparing for the Upgrade: 

Before diving into the upgrade process, it’s crucial to understand that migrating to WSO2 APIM 4.2.0 can vary in complexity depending on your current version and customization level. Here’s a structured approach to guide you through the upgrade. 

Step 1: Setting Up a New Deployment 

Begin with establishing a new deployment environment for WSO2 APIM 4.2, ensuring you don’t disrupt your existing setup. This approach allows for a seamless transition and testing phase before going live. 

Step 2: Migrating Configurations 

Configuration migration is a critical step, especially if you’re moving from a version older than 3.x, which utilizes XML-based configurations. WSO2 APIM 4.2 employs a TOML-based configuration model, necessitating the migration of all configuration files to the new format.  

For example: The offset change in the XML-based configuration model needs to update the product offset in ‘carbon.xml’ configuration file as mentioned in the image below:  

Migrating configurations in WS02 API Manager

In the latest version 4.2.0 toml-based model, the offset needs to be updated in the ‘deployment.toml’ file as mentioned in the image below:  

Migrating configurations in WS02 API Manager 1

Step 3: Customization and Dependency Updates 

If your deployment includes custom components (e.g., mediators, JWT generators), you’ll need to update these for compatibility with the new version. This might include code changes, especially if moving from versions that supported JDK 8, as JDK 17 is the standard for APIM 4.2. 

Step 4: Database Migration 

Database migration involves moving data from your old setup to the new one. This step is crucial if you’re using databases other than the default H2 database. Remember to update the database schema to accommodate new features introduced in APIM 4.2. 

Step 5: Registry and Gateway Artifacts Migration 

For versions older than APIM 4.2, you’ll need to migrate registry and gateway artifacts. While the gateway artifact migration is optional due to changes in how artifacts are stored, it’s necessary if you’re coming from versions like 2.x. 

Step 6: Migrating Identity and Access Management Components 

This step involves updating the identity and access management components to ensure seamless integration with the new version. It’s essential for maintaining user identities and access controls post-migration. 

Best Practices and Final Thoughts 

Successfully migrating to WSO2 APIM 4.2 not only involves carefully following the technical steps but also adopting best practices throughout the process. Here are some key recommendations: 

  • Engage with Experts: Consulting with WSO2 experts or partners can provide valuable insights and help avoid common pitfalls. 
  • Database Preparations: If changing database types or versions, address this either before or after the migration to avoid complications. 
  • Load Balancer Adjustments: Ensure your load balancers are configured to handle the new deployment smoothly. 
  • Pilot Migrations: Conducting a pilot migration can help identify potential issues and estimate the time required for the full migration. 
  • Downtime Planning: Schedule the migration during low-traffic periods or plan for a complete downtime if feasible, to minimize impact on users. 

Migrating to WSO2 APIM 4.2 is a strategic move that brings your API management capabilities in line with the latest technological advancements, security standards, and performance optimizations. By following the outlined steps and best practices, you can ensure a smooth transition to a more secure, efficient, and user-friendly API management platform. 

Remember, the upgrade process is a significant endeavor that requires thorough planning and testing. Leveraging the support and expertise of WSO2 partners can greatly facilitate this process, ensuring that your organization reaps the full benefits of WSO2 APIM 4.2’s capabilities.