Tag: WSO2 API

Guide to Creating an API Product and Grouping APIs in WSO2 API Manager

Posted on by shyam

Prerequisites

Before we dive into the steps, make sure you have the following in place:

  • WSO2 API Manager installed and running.
  • Admin access to WSO2 API Manager.
  • APIs already created and published that you want to group into a product.

Step 1: Log in to the API Publisher

To start, you need to log in to the WSO2 API Publisher.

  • Open your web browser and navigate to the WSO2 API Publisher portal.
  • Log in using your administrative credentials.

This will take you to the main dashboard where you can manage your APIs and products.

Step 2: Create an API Product

Creating an API Product is the first step towards grouping your APIs under a single entity.

1. Navigate to the API Products Section:

  • Click on the “API Products” tab in the top navigation menu.
  • Click on “Create API Product”.
Navigate to the API Products Section

2. Define API Product Details:

  • Name: Enter a name for your API Product.
  • Context: Provide a context for the API Product (e.g., /product1).
  • Version: Specify the version (e.g., v1).
  • Visibility: Choose the visibility scope (e.g., Public, Restricted, etc.).
Define API Product Details

3. Select APIs to Include in the Product:

  • Click on the “Add APIs” button.
  • Select the APIs you want to include in the product from the list.
  • Click “Add” to include the selected APIs.
Select APIs to Include in the Product

4. Configure API Product Resources:

  • Review and configure the resources from the included APIs.
  • Adjust the resource paths and methods as needed.
Configure API Product Resources

5. Save and Publish:

  • Once all configurations are done, click “Save”.
  • Publish the API Product by clicking “Publish”.
Save and Publish

Step 3: Grouping APIs in the API Product

Grouping APIs allows you to bundle related endpoints together, making it easier to manage and access them.

1. Add API Resources:

  • After selecting APIs, you’ll see a list of resources (endpoints) available in those APIs.
  • Group these resources by selecting the ones you want to bundle together under specific paths.
Grouping APIs in the API Product

2. Define the Grouping Logic:

  • For instance, you can group resources based on functionality (e.g., all user-related endpoints can be grouped together).
  • Use the UI to drag and drop or check/uncheck resources to create logical groupings.
Define the Grouping Logic

Step 4: Configure Policies and Settings

Configuring policies and settings ensures that your API Product is secure, manageable, and aligned with your business goals.

1. Rate Limiting Policies:

  • Apply rate limiting policies to control the usage of the API Product.
  • Set throttling limits to manage the number of requests per minute/hour/day.
Configure Policies and Settings

2. Subscription Tiers:

  • Define subscription tiers that users can select when subscribing to the API Product.
  • Ensure that the tiers align with your business goals and usage policies.
Subscription Tiers

3. Security Settings:

  • Configure security settings such as OAuth2.0 for authentication.
  • Set scopes and roles to manage access control.
Security Settings

Step 5: Test the API Product

Testing your API Product is crucial to ensure that it functions as expected and that developers can use it effectively.

1. Access the API Developer Portal:

  • Switch to the WSO2 API Developer Portal.
Test the API Product
  • Find your published API Product.
Fnid your published API

2. Subscribe and Generate Keys:

  • Subscribe to the API Product using an application.
Subscribe and Generate Keys
  • Generate API keys or tokens required for accessing the APIs.
Generate API keys

3. Invoke the APIs:

  • Use tools like Postman or cURL to send requests to the API endpoints.
  • Ensure that the requests are routed correctly and responses are as expected.
Invoke the APIs

Conclusion

By following these steps, you’ll successfully create API Products and group APIs within WSO2 API Manager. This approach fosters organized API management, facilitates the application of common policies, and enhances the developer experience.

Key Benefits of API Product Creation:

  • Improved Developer Experience: Offers a streamlined and intuitive interface for developers to discover and consume APIs.
  • Enhanced API Management: Simplifies the management of large API portfolios by grouping related APIs together.
  • Effective Policy Enforcement: Enables consistent application of security, rate limiting, and other policies across API Products.
  • Optimized Resource Utilization: Facilitates efficient resource allocation and monitoring.
  • Accelerated Time-to-Market: Speeds up the process of exposing APIs to developers.

Leverage API Products for Business Growth

By effectively utilizing API Products in WSO2 API Manager, you can unlock new revenue streams, foster innovation, and strengthen your digital ecosystem. Consider these additional strategies:

  • Partner Onboarding: Create API Products tailored for specific partner segments to facilitate collaboration.
  • Developer Engagement: Offer comprehensive documentation, support, and developer portals to enhance developer satisfaction.
  • Monetization: Explore various monetization models such as pay-per-use, subscription-based, or freemium options.
  • API Lifecycle Management: Implement robust processes for API creation, testing, deployment, and retirement.

By embracing API Products as a core component of your API strategy, you can position your organization for long-term success in the digital age. For any query or questions on API Product & grouping, please reach out to us at info@tellestia.com

WSO2 API Manager 4.2 – What, Why & How to Upgrade from an Older Version

Posted on by Dinesh

Why Upgrade to WSO2 APIM 4.2.0? 

1. Access to New Features and Enhancements 

WSO2 APIM 4.2 introduces a plethora of features and improvements designed based on customer feedback and market trends. Below is the list of features added to WSO2 API 4.2.0 from its successor release of 4.1.0. These features are aimed at improving performance, security, and usability.  

  • JDK 17 support 
  • Open Telemetry Support 
  • Datadog integration with WSO2 API Manager 
  • ELK Support for MI 
  • Configuring Self Sign up through Admin Portal 
  • Configuring API Lifecycle through Admin Portal 
  • Enable logs without server restart 
  • Removal of Jaggery Apps from Portals 
  • Registry artifact view support for MI Management API/Dashboard 
  • Gateway Support for Single Usage Token 
  • Support for managing Common API Policies with APICTL 
  • Handling accidental deletions of shared backend certificates 
  • API Linters for validating the API Specifications 
  • Generate API Documentation Automatically from OAS 
  • Support for managing Rate Limiting Policies with APICTL 
  • MI Dashboard Improvement and Search capability for MI Management API 

2. Security and Vulnerability Fixes 

With the digital threat landscape constantly evolving, staying ahead of vulnerabilities is critical. WSO2 APIM 4.2 includes fixes for known vulnerabilities and security enhancements, ensuring your API management platform is secure against the latest threats. 

3. Enhanced User Experience and Performance 

Transitioning from older versions to WSO2 APIM 4.2, users can expect a more responsive, user-friendly interface built with the latest technologies. Performance improvements includes 

  • Reduced startup times  
  • Lower memory utilization for product installation & services executions 
  • Enhanced throughput  

4. Support Lifecycle and End of Life (EOL) 

WSO2 provides support for each product version for a minimum of three years from its release date. Post this period, the version reaches its End of Life (EOL) and is no longer supported. Upgrading before the EOL ensures continuous support and avoids potential risks associated with unsupported software. 

Preparing for the Upgrade: 

Before diving into the upgrade process, it’s crucial to understand that migrating to WSO2 APIM 4.2.0 can vary in complexity depending on your current version and customization level. Here’s a structured approach to guide you through the upgrade. 

Step 1: Setting Up a New Deployment 

Begin with establishing a new deployment environment for WSO2 APIM 4.2, ensuring you don’t disrupt your existing setup. This approach allows for a seamless transition and testing phase before going live. 

Step 2: Migrating Configurations 

Configuration migration is a critical step, especially if you’re moving from a version older than 3.x, which utilizes XML-based configurations. WSO2 APIM 4.2 employs a TOML-based configuration model, necessitating the migration of all configuration files to the new format.  

For example: The offset change in the XML-based configuration model needs to update the product offset in ‘carbon.xml’ configuration file as mentioned in the image below:  

Migrating configurations in WS02 API Manager

In the latest version 4.2.0 toml-based model, the offset needs to be updated in the ‘deployment.toml’ file as mentioned in the image below:  

Migrating configurations in WS02 API Manager 1

Step 3: Customization and Dependency Updates 

If your deployment includes custom components (e.g., mediators, JWT generators), you’ll need to update these for compatibility with the new version. This might include code changes, especially if moving from versions that supported JDK 8, as JDK 17 is the standard for APIM 4.2. 

Step 4: Database Migration 

Database migration involves moving data from your old setup to the new one. This step is crucial if you’re using databases other than the default H2 database. Remember to update the database schema to accommodate new features introduced in APIM 4.2. 

Step 5: Registry and Gateway Artifacts Migration 

For versions older than APIM 4.2, you’ll need to migrate registry and gateway artifacts. While the gateway artifact migration is optional due to changes in how artifacts are stored, it’s necessary if you’re coming from versions like 2.x. 

Step 6: Migrating Identity and Access Management Components 

This step involves updating the identity and access management components to ensure seamless integration with the new version. It’s essential for maintaining user identities and access controls post-migration. 

Best Practices and Final Thoughts 

Successfully migrating to WSO2 APIM 4.2 not only involves carefully following the technical steps but also adopting best practices throughout the process. Here are some key recommendations: 

  • Engage with Experts: Consulting with WSO2 experts or partners can provide valuable insights and help avoid common pitfalls. 
  • Database Preparations: If changing database types or versions, address this either before or after the migration to avoid complications. 
  • Load Balancer Adjustments: Ensure your load balancers are configured to handle the new deployment smoothly. 
  • Pilot Migrations: Conducting a pilot migration can help identify potential issues and estimate the time required for the full migration. 
  • Downtime Planning: Schedule the migration during low-traffic periods or plan for a complete downtime if feasible, to minimize impact on users. 

Migrating to WSO2 APIM 4.2 is a strategic move that brings your API management capabilities in line with the latest technological advancements, security standards, and performance optimizations. By following the outlined steps and best practices, you can ensure a smooth transition to a more secure, efficient, and user-friendly API management platform. 

Remember, the upgrade process is a significant endeavor that requires thorough planning and testing. Leveraging the support and expertise of WSO2 partners can greatly facilitate this process, ensuring that your organization reaps the full benefits of WSO2 APIM 4.2’s capabilities.

Simplify Your API Management with WSO2 API Manager: A Comprehensive Guide for CIOs

Posted on by Dinesh

What is WSO2 API Manager?

WSO2 API Manager is an open-source solution that provides comprehensive capabilities for managing, monitoring, and securing APIs. It is designed to simplify the process of creating, publishing, and managing APIs, regardless of the technology used to build them. With WSO2 API Manager, businesses can quickly create APIs that can be easily consumed by developers, partners, and customers.

WSO2 API Manager comprises three key components: the API Publisher, the Developer Portal (formerly the API Store), and the Gateway. Let’s explore each of these components in more detail.

The API Publisher

The API Publisher is a web-based tool that allows developers to create and publish APIs. It provides a simple and intuitive interface for developers to define the resources and methods of the API, as well as the security policies that govern its access. The API Publisher also allows developers to test the API before publishing it, ensuring that it works as expected.

For CIOs, the API Publisher provides a centralized platform for managing the API lifecycle. It allows them to define the API specifications, set up security policies, and monitor API usage. This makes it easier to maintain control over the APIs and ensure that they meet business requirements.

The Developer Portal

The Developer Portal (formerly the API Store) provides a platform for developers to discover and consume APIs. It is a self-service portal where developers can browse APIs, view their documentation, and request access. The Developer Portal also allows developers to subscribe to APIs and manage their subscriptions.

For CIOs, the Developer Portal provides a platform for API monetization. It allows businesses to define API pricing, billing, and revenue-sharing policies. CIOs can track API usage and revenue generated through the Developer Portal dashboard. Additionally, the Developer Portal provides a way to track developer feedback and requests, enabling businesses to make informed decisions about their API strategy.

The Gateway

The Gateway is the runtime component of WSO2 API Manager. It processes API requests and enforces security policies, ensuring that only authorized requests are allowed. The Gateway supports a wide range of protocols, including HTTP, HTTPS, WebSocket, and MQTT, making it a flexible solution for managing APIs.

For CIOs, the Gateway provides a scalable and secure platform for managing API traffic. It allows businesses to control access to APIs, monitor usage, and enforce security policies. The Gateway also supports advanced features such as caching, rate limiting, and throttling, enabling businesses to optimize API performance and ensure a high-quality user experience.

Analytics

WSO2 API Manager also provides analytics capabilities that help businesses gain insights into API usage and performance. The Analytics component of WSO2 API Manager provides real-time and historical data on API usage, response times, and errors. This helps businesses to identify potential issues and optimize API performance.

How Does WSO2 API Manager Work?

Now that we have explored the components of WSO2 API Manager, let’s look at how it works. The following steps describe the typical workflow for managing APIs using WSO2 API Manager.

Step 1: Define the API Specifications

The first step in managing an API with WSO2 API Manager is to define its specifications. This includes identifying the resources and methods of the API, as well as any security policies that should be applied. This is done using the API Publisher, which provides a simple and intuitive interface for defining API specifications.

Step 2: Test the API

Once the API specifications have been defined, developers can test the API using the API Publisher. This allows them to ensure that the API works as expected before it is published.

Step 3: Publish the API

After the API has been tested and validated, it can be published to the Developer Store (API Store). The Developer Store provides a platform for developers to discover and consume APIs. The Developer Store also allows businesses to promote their APIs and monitor usage.

Step 4: Monitor API Usage

Once the API is published, businesses can monitor its usage using the API Manager dashboard. The dashboard provides real-time insights into API traffic, including the number of requests, response times, and error rates. This allows businesses to identify potential issues and optimize API performance.

Step 5: Enforce Security Policies

WSO2 API Manager provides a comprehensive set of security policies that can be applied to APIs. These include OAuth2, OpenID Connect, and Mutual SSL. These policies ensure that only authorized requests are allowed, and that API traffic is secure and compliant with industry standards.

Step 6: Optimize API Performance

The Gateway component of WSO2 API Manager provides advanced features for optimizing API performance. These include caching, rate limiting, and throttling. These features help to ensure that API traffic is optimized for performance and that users have a high-quality experience.

Step 7: Manage the API Lifecycle

WSO2 API Manager provides a centralized platform for managing the entire API lifecycle. This includes defining API specifications, publishing APIs to the API Store, monitoring API usage, and enforcing security policies. This centralized approach makes it easier for businesses to maintain control over their APIs and ensure that they meet business requirements.

Conclusion

In conclusion, WSO2 API Manager is an open-source solution that provides comprehensive capabilities for managing, monitoring, and securing APIs. It simplifies the process of creating, publishing, and managing APIs, and provides a scalable and secure platform for managing API traffic. Tellestia’s WSO2 API Manager services provides a centralized platform for managing the entire API lifecycle, enabling businesses to maintain control over their APIs and ensure that they meet business requirements.