SlideShare a Scribd company logo

WSO2 for API-Driven Integration

WSO2
WSO2

WSO2 is a leading open source integration vendor that helps organizations become integration agile. It offers an API-led integration platform including API management, enterprise integration, and identity and access management. The platform uses API-first approach and supports hybrid deployments. It provides full API lifecycle management with capabilities for design, security, analytics, and monetization.

Technology
1 of 62
Download to read offline
WSO2 for API-Driven Integration Johann Dilantha Nallathamby Associate Director/Solutions Architect
Image Area WSO2 is the world’s #1 open source integration vendor, helping digital-driven organizations become integration agile.Today, hundreds of leading brands and thousands of global projects execute 6 trillion transactions annually using WSO2 integration technologies. Visit https://wso2.com to learn more. About WSO2
We are an API-led Integration Platform
Start with API management... IDENTITY SERVER Secure and federated identity For APIs and integration 60M identities managed ENTERPRISE INTEGRATOR Quick, iterative integration of any app, data, or system 6 trillion transactions / yr Complement APIs with integration, security and analytics to connect apps and data. API MANAGER API design, creation, reuse, governance, and analytics 20K APIs Open Source API Management, Integration, Identity WSO2 API-Led Integration Platform ● Identity management ● Identity federation / SSO ● Identity bridging ● API and microservices security ● Strong and adaptive Auth ● Access control ● Privacy control ● IAM and security analytics ● API analytics ● API designer ● API gateway ● API microgateway ● API publisher ● API storefront/marketplace ● API repository/registry ● ESB ● Integration designer ● Message broker ● Workflows ● Business rules ● Streaming engine ● Stream processing ● Integration analytics
Solutions: Telco | Open Banking | Healthcare | GDPR | WSO2 Architecture for Agility WSO2 Methodology for Agility Cloud-Native Integration Kubernetes | Docker | Ballerina | Cellery IDENTITY & ACCESS MANAGEMENT ENTERPRISE INTEGRATION API MANAGEMENT Hybrid Deployment WSO2 Managed Cloud | WSO2 Hosted Cloud | On-premises Open source, hybrid, API-led integration Putting It Together: WSO2 Integration Agile Platform
Open Source API Management
Product Overview WSO2 API Manager is a fully open source approach to addressing any spectrum of API lifecycle, monetization and policy enforcement.
“...the only fully open source solution in our Wave analysis, WSO2 provides good breadth across all evaluation criteria.” Leader in the Forrester Wave: API Management Solutions, Q4 2018
KuppingerCole Leadership Compass on API Management and Security - Nov 2019
KuppingerCole Leadership compass on API Management and Security - Nov 2019
Why APIs?
Why APIs? ● To drive innovation and accelerate go to market process. ● As marketing channel or lead generation source. ● To acquire new customers and users. ● Expand your business with partners or resellers. ● Build audience and an ecosystem around your products. ● Integrate your services with different devices and systems. ● Sell your data to external parties. ● Extend your products or services.
WSO2 API Manager
WSO2 API Manager Components • API Publisher • API Gateway / Microgateway • API Store / developer portal • Key Manager • Traffic Manager • Analytics An open source approach for full API lifecycle management, monetization, and policy enforcement. Allows extensibility and customization, ensures freedom from lock-in.
Gateway Broad portfolio of API management functionality ( * = New since 2018) Internal and External API Management API Manager: Core Competencies ○ Policy Enablement ○ Protocol Handling ○ Transformation ○ Microgateway* ○ Mobile & Multi-experience ○ Data & Data as a Service Security ○ OAuth2 ○ OIDC ○ Federated ID ○ SSO ○ JWT ○ AI driven API Security* Analytics Cloud Native ○ Business value reporting ○ Streaming & event-driven analytics ○ Real-time alerting ○ Traffic management ○ Monetization ○ Istio integration* ○ Installations - Kubernetes, Docker, PCF. ○ Monitoring with Prometheus / Grafana* ○ Improved CI/CD* Portal/Store ○ API Marketplaces ○ Monetization hooks / partners ○ Flexible theme-based architecture ○ Registry and versioning model Multiple plug-points and extensibility | Open source projects | Flexible deployment options
API Gateways
Gateways - API Runtime options ● Multiple Gateway options ○ MicroGW : Immutable, container native, ideal for greenfield projects ○ Regular : Robust, API driven, ideal for brownfield projects ○ Both use the same management plane ○ Both can be used together in the same deployment ● Hybrid option: Gateways close to services, Mgt. plane on cloud ● Both can scale without management plane ● Gateways are identity provider agnostic -> Can work with any key manager as long as trust is established and a signed token is used
• Can scale with or without Key Manager • Supports SOAP and WebSocket based APIs in addition to REST • Automatic SOAP to REST conversion • Config driven mediation support Standard Gateway Gateway Key Manager Traffic Manager <RES T> <SOA P> <WebSock et> HTTP HTTP HTTP HTTP JMS HTTP
● Designed to scale ○ Self-validating tokens ○ Localized rate limiting ○ Offline analytics ○ Immutable ○ Stateless ● Ideal to be deployed in a locked-down env such as DMZ ● Native support for Docker/K8S ● Private Jet Gateway for microservices ● First-class support for lifecycle management across environments WSO2 API Microgateway
WSO2 API Microgateway Components • Gateway runtime • Toolkit
Cloud-native Capabilities ● Low footprint ○ 70 MB of distribution size. ○ < 100 MB of memory. ○ < 1 core CPU. ● Faster scaling ○ < 1s startup time (fixed) ○ Independent execution with no dependencies on other components. ● Portability ○ Works natively on Docker/Kubernetes. ○ Immutable gateway runtimes. ○ Fully automated CI/CD. ○ Platform independent. ● Observable ○ Metrics available through Prometheus ○ Tracing available through Jaeger.
Control Plane
Key Manager and Traffic Manager ● Scalable and flexible authentication and authorization policy enforcement based on OAuth2.0 and other protocols. ● Integration with third party authorization services ● Supports a wide range of application types such as mobile, web, SPA, wearable devices, biometrics, etc ● Social integration for login via social networks and other IDPs. ● Rate limits used for billing and metering purposes ● Fair usage policy enforcements ● Rate limits based on user privilege, location, device type, etc. ● Rate limits for target services Security Rate Limiting
Security - Standard OAuth2.0 Gateway Request Access Token (with scopes) Provide Opaque Token Client Application sends Token to Gateway Validate Token 1 2 3 4
Security - Signed JWT Client Application sends Signed JWT to Gateways Gateway Gateway Request Access Token (with scopes) Provide Signed JWT 1 2 3 3 4 4
Authorization & Introspection ● Secure Token Service can be replaced with any 3rd party product ● External Identity Providers can also be used or federated into for authentication
AI Driven API Security Data & Application Attacks Advanced Persistent Threats, Data exfiltration, Deletion DoS & DDoS Attacks DDoS API Attack, Login service DDoS Attack, Botnet attacking API Login Attacks Stolen tokens or cookies, Credential stuffing, fuzzing Message Security JSON/XML threat protection, SQL Injection, XS, Schema validation, Encryption & signature, Redaction, AV scanning Access Control Authentication, Authorization, Token Translation Rate Limiting Client Throttling, Provider Throttling, Quotas Network Privacy SSL/TLS </> PingIntelligence for APIs
Additional API Security Capabilities Bot Detection JSON Schema Validation API Keys and Basic Auth support
Traffic Manager ● Real-time decision making based on event history ● Differentiated services ● API Monetization support ● Protection for internal and external environments from rogue clients <Request Event> GatewayGateway Traffic Manager Message Broker Policy Designer <Throttle Event> <Throttle Event> < Policy>
Rate-limiting policies are built into the microgateway runtime Microgateway - Localized Rate Limiting Microgateway OrdersProducts Apply 1000 req/min on Products microservice Apply 500 req/min on Orders microservice
Microgateway - Global Rate Limiting • API deployed on multiple gateways • Centralised counter required to keep track of access • The microgateway submits local counters to the central Traffic Manager asynchronously. • The Traffic Manager accumulates the counters and notifies the gateways whenever traffic should be rate limited. Microgateway Microgateway Traffic Manager Microgateway
Management Plane
API Publisher ● Design, mock and document REST and SOAP APIs. ● Create new versions of APIs ● Gain API usage insights for operational purposes ● Import API definitions ● Apply policies for security, rate limits and message transformations. The Portal for API Designers and Product Managers. ● Validate and publish APIs for public discovery and consumption. ● The central point for managing the API’s Lifecycle. ● Monetize APIs through business plans. ● Gain API usage insights for business purposes. Designers Product Managers
Enhanced User Experience Re-skinned ReactJS based portals * Easy to theme and customise
API Publisher ● Start with an existing endpoint/contract or design and prototype a new API ● Exposing SOAP services (convert to REST or as a passthrough) ● Expose an API with GraphQL support ● Exposing streaming APIs (Websocket endpoints)
● API Design - Over the wizard & with Swagger API Creation
Managed or Prototyped ● Point to a production backend, point at mock backend or prototype at gateway
● Manage stages of an API ● Manage associated states ● Create a new version from an existing ● Audit changes to lifecycle states ● Support for custom lifecycles API Lifecycle Management
Developer Portal The Application Developer Portal known as the API Store. ● ReactJS based ready to be used Dev portal available out-of-the-box. ● Discover, test and subscribe to APIs ● Search through APIs and their documentation ● Rate, comment and participate on discussion forums of the portal ● Try out the API SDKs for faster go-to-market of applications. ● Brand the developer portal to suit your needs ● Manage the lifecycle of applications across environments ● Integrate with third party authorization servers
Productization of APIs API Products • Select operations from different APIs and bundle together as a product • Use different operations of the same API in different products • Monetize the product APIs targeted at different groups
GraphQL Support ● First class support for Graphql APIs ○ Create a Graphql API by importing an SDL schema ○ Identify Graphql APIs automatically in the portals ○ Display operation list instead of resources ○ Display SDL schema instead of open API definition ○ Download option for SDL schema ○ Search option to Graphql type APIs ( type: GRAPHQL) ● Operational Level Security, Authorization and Rate limiting
API Monetization Integration with Billing Engines • Out of the box integration with Stripe • Ability to integrate with any other billing engines
Why CI/CD for APIs? ● Rapid development and deployment of APIs ● Less human interruptions ● Fast delivery to end users ● Time saving and efficiency gain ● Automated process provides greater management flexibility ● Detect issues earlier
Challenges in CI/CD for APIs? ● Organizations are maintaining multiple deployment environments ● APIs associate with multiple policies and configurations ● Environment specific (endpoints) configurations ● Interference with multiple development teams
Environment Specific Configurations ● APIs contain environment specific configurations ● Part of configuration is changing between environments ● Environment specific configurations include ○ Backend endpoints ○ Credentials of backend services ○ Certificates of endpoints ○ Endpoint timeout settings ○ Gateway environments
CI/CD Process Overview
Migrating API Updates
Kubernetes Operator • Making APIs first class citizens in Kubernetes • Automatic deployment into Microgateway • Policies can automatically be applied to the API created • Security and Throttling policies can be applied, tracing, logging and analytics can automatically enabled through the swagger • API created can be pushed to the management plane kubectl add api -n Stocks --from-file="/path/to/stocks/swagger.yaml" apictl import-api -f Stocks -e k8s
Istio Integration • Helps exposing microservices deployed on Istio to be managed as APIs. • Provides an API portal for microservices. • Allows managing the state of microservices via an API lifecycle. • Provides end-user authentication and authorization for microservices deployed on Istio. • Provides business insights for service requests via API portals. • API Gateway can replace the Istio
Deployment Options
API Manager: Deployment Options Our aim - all customers hybrid or cloud by 2021 API Cloud WSO2 Managed Cloud Private On-Premises ● Multi-tenant, shared-everything ● WSO2-hosted and managed ● Pay-as-you-go ● Multi-region availability ● VPN tunnel to private DC ● Guaranteed uptime ● Limited customization options ● Privately hosted ● WSO2 managed ● Upgrades, patches, installation ● Guaranteed uptime ● Full flexibility in customization ● Better control ● Deployed on IaaS of your choice ● Self-hosted ● Self-managed ● Full flexibility ● DevOps learning curve ● Self-managed upgrades Hybrid API Management ● Gateway can be deployed in any containerised environment ● Multiple deployment options including on-prem/cloud, cloud/cloud Cloud Availability Regions: us-east-1 (North Virginia), us-west-2 (Oregon), ap-southeast-2 (Sydney), eu-central-1 (Frankfurt), eu-west-1 (Ireland), and sa-east-1 (Brazil).
Deployment Patterns ● North deployment on Cloud ● Multi-tenanted and centrally managed ● Gateways deployed on premise ● A deployment at each business-unit ● Decentralized or Centralized API Management
Deployment Patterns ● North deployment on Cloud ● Multi-tenanted and centrally managed ● South deployments are on-premise ● A deployment at each business-unit ● Decentralized or Centralized API Management
Deployment Patterns • Microgateways deployed in DMZ handle external API requests • Regular gateways in the LAN handle internal API requests • Gateway chaining a possibility between DMZ and LAN • A single Management Plane for both Microgateways and Regular gateways • Gateways can scale independently of the Control Plane
Future Direction
Future of API Management The two aspects of API Management in the future • API Management in Microservices and Cloud Native Space • Business of APIs
Future of API Management The two aspects of API Management in the future • API Management in Microservices and Cloud Native Space “API management will natively become part of Microservices frameworks” • Business of APIs “There will be more innovations on value additions and monetization aspects of APIs”
Future of API Management WSO2’s future API strategy considers both these aspects equally important. We will continue to innovate in both these areas. Our vision is to bring the best-of the world Hybrid experience of these two areas to our users
API Manager ● API categorisations (in addition to tags) ● Federated API Marketplaces. ● First-class integration with observability tools such as Prometheus. ● First class support for federated apps (login with Facebook, Google). ● Istio integration v2.0. Microgateway ● Microgateway toolkit (compiler) as a service ● Mutable microgateway runtimes ● Private jet microgateways that are directly deployable from the control plane (API Manager) ● Serverless enablement of microgateways with KNative ● Composable microgateways for app developers to deploy “application gateways” ● Self-tuning capability to cater to APIs of different scale Near-Term Mid-Term Future WSO2 API-M Product Roadmap API Manager ● Direct integration of the API Gateway with AWS Lambda. ● Integration with 42curnch for API security best practices and API spec governance. ● Enhanced API analytics with better visualization and drill downs. Microgateway ● gRPC and Web Socket support ● Fully self-serviced microgateway with simplified UX. ● Microgateway for Spring Boot Microservices. ● Heterogeneous control plane support to generate microgateways from public hosted open API definitions ● Pluggable authentication schemes ● Globally shareable policies through Policy-Hub ● Support for virtual hosts ● Integration with Consul for service discovery API Manager and Microgateway ● Extending support for dynamic (third-party) gateways. ● Dynamic registration of microgateways on API Manager ● Support for serverless API gateways ● Personalization of APIs for API consumers, which can be deployed on personal API gateways (private-jet) ● API gateways for event-driven microservices communications ● In-process sidecar API gateway for Ballerina ● Additional defenses for attack vectors, such as via machine learning and honeypots ● Control plane support with xDS APIs ● Microgateway as the edge gateway (ingress gateway) in Kubernetes ● Heterogeneous request/response transformation support ● Built-in billing
Customers
External API Portals/Marketplaces Internal API Portals WSO2 API Manager: 250+ Subscription Customers
THANK YOU wso2.com

Recommended

[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...WSO2
 
Real-Time ETL in Practice with WSO2 Enterprise Integrator
Real-Time ETL in Practice with WSO2 Enterprise IntegratorReal-Time ETL in Practice with WSO2 Enterprise Integrator
Real-Time ETL in Practice with WSO2 Enterprise IntegratorWSO2
 
Digital Transformation for Karnataka Bank Through API-led Integration
Digital Transformation for Karnataka Bank Through API-led IntegrationDigital Transformation for Karnataka Bank Through API-led Integration
Digital Transformation for Karnataka Bank Through API-led IntegrationWSO2
 
Exposing GraphQLs as Managed APIs
Exposing GraphQLs as Managed APIsExposing GraphQLs as Managed APIs
Exposing GraphQLs as Managed APIsWSO2
 
Exposing Lambda Functions as Managed APIs
Exposing Lambda Functions as Managed APIsExposing Lambda Functions as Managed APIs
Exposing Lambda Functions as Managed APIsWSO2
 
Deploying GraphQL Services as Managed APIs
Deploying GraphQL Services as Managed APIsDeploying GraphQL Services as Managed APIs
Deploying GraphQL Services as Managed APIsWSO2
 
Continuous Integration and Continuous Deployment (CI/CD) with WSO2 Enterprise...
Continuous Integration and Continuous Deployment (CI/CD) with WSO2 Enterprise...Continuous Integration and Continuous Deployment (CI/CD) with WSO2 Enterprise...
Continuous Integration and Continuous Deployment (CI/CD) with WSO2 Enterprise...WSO2
 
Explore the Latest on WSO2 Identity Server 5.11
Explore the Latest on WSO2 Identity Server 5.11Explore the Latest on WSO2 Identity Server 5.11
Explore the Latest on WSO2 Identity Server 5.11WSO2
 

Recommended

[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...
[APIdays Paris 2019] API Management in Service Mesh Using Istio and WSO2 API ...WSO2
 
Real-Time ETL in Practice with WSO2 Enterprise Integrator
Real-Time ETL in Practice with WSO2 Enterprise IntegratorReal-Time ETL in Practice with WSO2 Enterprise Integrator
Real-Time ETL in Practice with WSO2 Enterprise IntegratorWSO2
 
Digital Transformation for Karnataka Bank Through API-led Integration
Digital Transformation for Karnataka Bank Through API-led IntegrationDigital Transformation for Karnataka Bank Through API-led Integration
Digital Transformation for Karnataka Bank Through API-led IntegrationWSO2
 
Exposing GraphQLs as Managed APIs
Exposing GraphQLs as Managed APIsExposing GraphQLs as Managed APIs
Exposing GraphQLs as Managed APIsWSO2
 
Exposing Lambda Functions as Managed APIs
Exposing Lambda Functions as Managed APIsExposing Lambda Functions as Managed APIs
Exposing Lambda Functions as Managed APIsWSO2
 
Deploying GraphQL Services as Managed APIs
Deploying GraphQL Services as Managed APIsDeploying GraphQL Services as Managed APIs
Deploying GraphQL Services as Managed APIsWSO2
 
Continuous Integration and Continuous Deployment (CI/CD) with WSO2 Enterprise...
Continuous Integration and Continuous Deployment (CI/CD) with WSO2 Enterprise...Continuous Integration and Continuous Deployment (CI/CD) with WSO2 Enterprise...
Continuous Integration and Continuous Deployment (CI/CD) with WSO2 Enterprise...WSO2
 
Explore the Latest on WSO2 Identity Server 5.11
Explore the Latest on WSO2 Identity Server 5.11Explore the Latest on WSO2 Identity Server 5.11
Explore the Latest on WSO2 Identity Server 5.11WSO2
 
Rate Limiting GQLs Using Depth and Complexity Analysis
Rate Limiting GQLs Using Depth and Complexity AnalysisRate Limiting GQLs Using Depth and Complexity Analysis
Rate Limiting GQLs Using Depth and Complexity AnalysisWSO2
 
Building and Deploying Complex Streaming Data Processing Pipelines with WSO2 ...
Building and Deploying Complex Streaming Data Processing Pipelines with WSO2 ...Building and Deploying Complex Streaming Data Processing Pipelines with WSO2 ...
Building and Deploying Complex Streaming Data Processing Pipelines with WSO2 ...WSO2
 
Adaptive Scaling of Microgateways on Kubernetes
Adaptive Scaling of Microgateways on KubernetesAdaptive Scaling of Microgateways on Kubernetes
Adaptive Scaling of Microgateways on KubernetesWSO2
 
API Management for GraphQL
API Management for GraphQLAPI Management for GraphQL
API Management for GraphQLWSO2
 
What’s new in WSO2 Enterprise Integrator 6.6
What’s new in WSO2 Enterprise Integrator 6.6What’s new in WSO2 Enterprise Integrator 6.6
What’s new in WSO2 Enterprise Integrator 6.6WSO2
 
[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...
[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...
[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...WSO2
 
WSO2 Product Release Webinar - Whats new in the WSO2 API Manager
WSO2 Product Release Webinar - Whats new in the WSO2 API ManagerWSO2 Product Release Webinar - Whats new in the WSO2 API Manager
WSO2 Product Release Webinar - Whats new in the WSO2 API ManagerWSO2
 
Creating a Scalable and Decentralized API Management Architecture with WSO2 A...
Creating a Scalable and Decentralized API Management Architecture with WSO2 A...Creating a Scalable and Decentralized API Management Architecture with WSO2 A...
Creating a Scalable and Decentralized API Management Architecture with WSO2 A...WSO2
 
WSO2 API microgateway introduction
WSO2 API microgateway introductionWSO2 API microgateway introduction
WSO2 API microgateway introductionChanaka Fernando
 
[WSO2 API Manager Community Call] Expose Services as Managed APIs
[WSO2 API Manager Community Call] Expose Services as Managed APIs [WSO2 API Manager Community Call] Expose Services as Managed APIs
[WSO2 API Manager Community Call] Expose Services as Managed APIs WSO2
 
API-Centric Hybrid Integration Platform for Microservices or ESB Style Archit...
API-Centric Hybrid Integration Platform for Microservices or ESB Style Archit...API-Centric Hybrid Integration Platform for Microservices or ESB Style Archit...
API-Centric Hybrid Integration Platform for Microservices or ESB Style Archit...WSO2
 
[Webinar] WSO2 Enterprise Integrator 7.1.0 Release
[Webinar] WSO2 Enterprise Integrator 7.1.0 Release[Webinar] WSO2 Enterprise Integrator 7.1.0 Release
[Webinar] WSO2 Enterprise Integrator 7.1.0 ReleaseWSO2
 
[WSO2Con EU 2018] Up-Leveling Brownfield Integration
[WSO2Con EU 2018] Up-Leveling Brownfield Integration[WSO2Con EU 2018] Up-Leveling Brownfield Integration
[WSO2Con EU 2018] Up-Leveling Brownfield IntegrationWSO2
 
How to Build a Scalable, Distributed, Multi-Cloud API Architecture on Kubernetes
How to Build a Scalable, Distributed, Multi-Cloud API Architecture on KubernetesHow to Build a Scalable, Distributed, Multi-Cloud API Architecture on Kubernetes
How to Build a Scalable, Distributed, Multi-Cloud API Architecture on KubernetesWSO2
 
BI Studio profile
BI Studio profileBI Studio profile
BI Studio profileVassily Buzuyev
 
Stream Processing in Action
Stream Processing in ActionStream Processing in Action
Stream Processing in ActionWSO2
 
Productising your Microservices as API Products
Productising your Microservices as API ProductsProductising your Microservices as API Products
Productising your Microservices as API ProductsWSO2
 
WSO2- OSC Korea - Accelerating Digital Businesses with APIs
WSO2- OSC Korea - Accelerating Digital Businesses with APIsWSO2- OSC Korea - Accelerating Digital Businesses with APIs
WSO2- OSC Korea - Accelerating Digital Businesses with APIsWSO2
 
[WSO2Con EU 2018] Enabling Agile Integration Teams
[WSO2Con EU 2018] Enabling Agile Integration Teams[WSO2Con EU 2018] Enabling Agile Integration Teams
[WSO2Con EU 2018] Enabling Agile Integration TeamsWSO2
 
Digital Asset Governance for the Enterprise
Digital Asset Governance for the EnterpriseDigital Asset Governance for the Enterprise
Digital Asset Governance for the EnterpriseWSO2
 
API Management within a Microservice Architecture
API Management within a Microservice ArchitectureAPI Management within a Microservice Architecture
API Management within a Microservice ArchitectureWSO2
 
API Management Within a Microservices Architecture
API Management Within a Microservices Architecture API Management Within a Microservices Architecture
API Management Within a Microservices Architecture Nadeesha Gamage
 

More Related Content

What's hot

Rate Limiting GQLs Using Depth and Complexity Analysis
Rate Limiting GQLs Using Depth and Complexity AnalysisRate Limiting GQLs Using Depth and Complexity Analysis
Rate Limiting GQLs Using Depth and Complexity AnalysisWSO2
 
Building and Deploying Complex Streaming Data Processing Pipelines with WSO2 ...
Building and Deploying Complex Streaming Data Processing Pipelines with WSO2 ...Building and Deploying Complex Streaming Data Processing Pipelines with WSO2 ...
Building and Deploying Complex Streaming Data Processing Pipelines with WSO2 ...WSO2
 
Adaptive Scaling of Microgateways on Kubernetes
Adaptive Scaling of Microgateways on KubernetesAdaptive Scaling of Microgateways on Kubernetes
Adaptive Scaling of Microgateways on KubernetesWSO2
 
API Management for GraphQL
API Management for GraphQLAPI Management for GraphQL
API Management for GraphQLWSO2
 
What’s new in WSO2 Enterprise Integrator 6.6
What’s new in WSO2 Enterprise Integrator 6.6What’s new in WSO2 Enterprise Integrator 6.6
What’s new in WSO2 Enterprise Integrator 6.6WSO2
 
[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...
[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...
[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...WSO2
 
WSO2 Product Release Webinar - Whats new in the WSO2 API Manager
WSO2 Product Release Webinar - Whats new in the WSO2 API ManagerWSO2 Product Release Webinar - Whats new in the WSO2 API Manager
WSO2 Product Release Webinar - Whats new in the WSO2 API ManagerWSO2
 
Creating a Scalable and Decentralized API Management Architecture with WSO2 A...
Creating a Scalable and Decentralized API Management Architecture with WSO2 A...Creating a Scalable and Decentralized API Management Architecture with WSO2 A...
Creating a Scalable and Decentralized API Management Architecture with WSO2 A...WSO2
 
WSO2 API microgateway introduction
WSO2 API microgateway introductionWSO2 API microgateway introduction
WSO2 API microgateway introductionChanaka Fernando
 
[WSO2 API Manager Community Call] Expose Services as Managed APIs
[WSO2 API Manager Community Call] Expose Services as Managed APIs [WSO2 API Manager Community Call] Expose Services as Managed APIs
[WSO2 API Manager Community Call] Expose Services as Managed APIs WSO2
 
API-Centric Hybrid Integration Platform for Microservices or ESB Style Archit...
API-Centric Hybrid Integration Platform for Microservices or ESB Style Archit...API-Centric Hybrid Integration Platform for Microservices or ESB Style Archit...
API-Centric Hybrid Integration Platform for Microservices or ESB Style Archit...WSO2
 
[Webinar] WSO2 Enterprise Integrator 7.1.0 Release
[Webinar] WSO2 Enterprise Integrator 7.1.0 Release[Webinar] WSO2 Enterprise Integrator 7.1.0 Release
[Webinar] WSO2 Enterprise Integrator 7.1.0 ReleaseWSO2
 
[WSO2Con EU 2018] Up-Leveling Brownfield Integration
[WSO2Con EU 2018] Up-Leveling Brownfield Integration[WSO2Con EU 2018] Up-Leveling Brownfield Integration
[WSO2Con EU 2018] Up-Leveling Brownfield IntegrationWSO2
 
How to Build a Scalable, Distributed, Multi-Cloud API Architecture on Kubernetes
How to Build a Scalable, Distributed, Multi-Cloud API Architecture on KubernetesHow to Build a Scalable, Distributed, Multi-Cloud API Architecture on Kubernetes
How to Build a Scalable, Distributed, Multi-Cloud API Architecture on KubernetesWSO2
 
Stream Processing in Action
Stream Processing in ActionStream Processing in Action
Stream Processing in ActionWSO2
 
Productising your Microservices as API Products
Productising your Microservices as API ProductsProductising your Microservices as API Products
Productising your Microservices as API ProductsWSO2
 
WSO2- OSC Korea - Accelerating Digital Businesses with APIs
WSO2- OSC Korea - Accelerating Digital Businesses with APIsWSO2- OSC Korea - Accelerating Digital Businesses with APIs
WSO2- OSC Korea - Accelerating Digital Businesses with APIsWSO2
 
[WSO2Con EU 2018] Enabling Agile Integration Teams
[WSO2Con EU 2018] Enabling Agile Integration Teams[WSO2Con EU 2018] Enabling Agile Integration Teams
[WSO2Con EU 2018] Enabling Agile Integration TeamsWSO2
 
Digital Asset Governance for the Enterprise
Digital Asset Governance for the EnterpriseDigital Asset Governance for the Enterprise
Digital Asset Governance for the EnterpriseWSO2
 

What's hot (20)

Rate Limiting GQLs Using Depth and Complexity Analysis
Rate Limiting GQLs Using Depth and Complexity AnalysisRate Limiting GQLs Using Depth and Complexity Analysis
Rate Limiting GQLs Using Depth and Complexity Analysis
 
Building and Deploying Complex Streaming Data Processing Pipelines with WSO2 ...
Building and Deploying Complex Streaming Data Processing Pipelines with WSO2 ...Building and Deploying Complex Streaming Data Processing Pipelines with WSO2 ...
Building and Deploying Complex Streaming Data Processing Pipelines with WSO2 ...
 
Adaptive Scaling of Microgateways on Kubernetes
Adaptive Scaling of Microgateways on KubernetesAdaptive Scaling of Microgateways on Kubernetes
Adaptive Scaling of Microgateways on Kubernetes
 
API Management for GraphQL
API Management for GraphQLAPI Management for GraphQL
API Management for GraphQL
 
What’s new in WSO2 Enterprise Integrator 6.6
What’s new in WSO2 Enterprise Integrator 6.6What’s new in WSO2 Enterprise Integrator 6.6
What’s new in WSO2 Enterprise Integrator 6.6
 
[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...
[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...
[WSO2 Summit Americas 2020] Creating Smart Endpoints Using Integration Micros...
 
WSO2 Product Release Webinar - Whats new in the WSO2 API Manager
WSO2 Product Release Webinar - Whats new in the WSO2 API ManagerWSO2 Product Release Webinar - Whats new in the WSO2 API Manager
WSO2 Product Release Webinar - Whats new in the WSO2 API Manager
 
Creating a Scalable and Decentralized API Management Architecture with WSO2 A...
Creating a Scalable and Decentralized API Management Architecture with WSO2 A...Creating a Scalable and Decentralized API Management Architecture with WSO2 A...
Creating a Scalable and Decentralized API Management Architecture with WSO2 A...
 
WSO2 API microgateway introduction
WSO2 API microgateway introductionWSO2 API microgateway introduction
WSO2 API microgateway introduction
 
[WSO2 API Manager Community Call] Expose Services as Managed APIs
[WSO2 API Manager Community Call] Expose Services as Managed APIs [WSO2 API Manager Community Call] Expose Services as Managed APIs
[WSO2 API Manager Community Call] Expose Services as Managed APIs
 
API-Centric Hybrid Integration Platform for Microservices or ESB Style Archit...
API-Centric Hybrid Integration Platform for Microservices or ESB Style Archit...API-Centric Hybrid Integration Platform for Microservices or ESB Style Archit...
API-Centric Hybrid Integration Platform for Microservices or ESB Style Archit...
 
[Webinar] WSO2 Enterprise Integrator 7.1.0 Release
[Webinar] WSO2 Enterprise Integrator 7.1.0 Release[Webinar] WSO2 Enterprise Integrator 7.1.0 Release
[Webinar] WSO2 Enterprise Integrator 7.1.0 Release
 
[WSO2Con EU 2018] Up-Leveling Brownfield Integration
[WSO2Con EU 2018] Up-Leveling Brownfield Integration[WSO2Con EU 2018] Up-Leveling Brownfield Integration
[WSO2Con EU 2018] Up-Leveling Brownfield Integration
 
How to Build a Scalable, Distributed, Multi-Cloud API Architecture on Kubernetes
How to Build a Scalable, Distributed, Multi-Cloud API Architecture on KubernetesHow to Build a Scalable, Distributed, Multi-Cloud API Architecture on Kubernetes
How to Build a Scalable, Distributed, Multi-Cloud API Architecture on Kubernetes
 
BI Studio profile
BI Studio profileBI Studio profile
BI Studio profile
 
Stream Processing in Action
Stream Processing in ActionStream Processing in Action
Stream Processing in Action
 
Productising your Microservices as API Products
Productising your Microservices as API ProductsProductising your Microservices as API Products
Productising your Microservices as API Products
 
WSO2- OSC Korea - Accelerating Digital Businesses with APIs
WSO2- OSC Korea - Accelerating Digital Businesses with APIsWSO2- OSC Korea - Accelerating Digital Businesses with APIs
WSO2- OSC Korea - Accelerating Digital Businesses with APIs
 
[WSO2Con EU 2018] Enabling Agile Integration Teams
[WSO2Con EU 2018] Enabling Agile Integration Teams[WSO2Con EU 2018] Enabling Agile Integration Teams
[WSO2Con EU 2018] Enabling Agile Integration Teams
 
Digital Asset Governance for the Enterprise
Digital Asset Governance for the EnterpriseDigital Asset Governance for the Enterprise
Digital Asset Governance for the Enterprise
 

Similar to WSO2 for API-Driven Integration

API Management within a Microservice Architecture
API Management within a Microservice ArchitectureAPI Management within a Microservice Architecture
API Management within a Microservice ArchitectureWSO2
 
API Management Within a Microservices Architecture
API Management Within a Microservices Architecture API Management Within a Microservices Architecture
API Management Within a Microservices Architecture Nadeesha Gamage
 
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0WSO2
 
APIConnect Security Best Practice
APIConnect Security Best PracticeAPIConnect Security Best Practice
APIConnect Security Best PracticeShiu-Fun Poon
 
[Workshop] Managing the API lifecycle with Open Source Technologies
[Workshop] Managing the API lifecycle with Open Source Technologies[Workshop] Managing the API lifecycle with Open Source Technologies
[Workshop] Managing the API lifecycle with Open Source TechnologiesWSO2
 
WSO2 Workshop Sydney 2016 - APIs
WSO2 Workshop Sydney 2016 - APIsWSO2 Workshop Sydney 2016 - APIs
WSO2 Workshop Sydney 2016 - APIsDassana Wijesekara
 
Gateway/APIC security
Gateway/APIC securityGateway/APIC security
Gateway/APIC securityShiu-Fun Poon
 
What's new in API Connect and DataPower - 2019
What's new in API Connect and DataPower - 2019What's new in API Connect and DataPower - 2019
What's new in API Connect and DataPower - 2019IBM DataPower Gateway
 
WSO2Con EU 2015: API Management Strategies and Best Practices
WSO2Con EU 2015: API Management Strategies and Best PracticesWSO2Con EU 2015: API Management Strategies and Best Practices
WSO2Con EU 2015: API Management Strategies and Best PracticesWSO2
 
WSO2 User Group Bangalore Meetup
WSO2 User Group Bangalore MeetupWSO2 User Group Bangalore Meetup
WSO2 User Group Bangalore MeetupWSO2
 
Synergies across APIs and IAM
Synergies across APIs and IAMSynergies across APIs and IAM
Synergies across APIs and IAMSagara Gunathunga
 
[APIdays NY] Managing the usage of Asynchronous APIs: What does it take?
[APIdays NY] Managing the usage of Asynchronous APIs: What does it take?[APIdays NY] Managing the usage of Asynchronous APIs: What does it take?
[APIdays NY] Managing the usage of Asynchronous APIs: What does it take?WSO2
 
João Emilio Santos Bento da Silva - Estratégia de APIs
João Emilio Santos Bento da Silva - Estratégia de APIsJoão Emilio Santos Bento da Silva - Estratégia de APIs
João Emilio Santos Bento da Silva - Estratégia de APIsDevCamp Campinas
 
Global Azure 2022 - Architecting Modern Serverless APIs with Azure Functions ...
Global Azure 2022 - Architecting Modern Serverless APIs with Azure Functions ...Global Azure 2022 - Architecting Modern Serverless APIs with Azure Functions ...
Global Azure 2022 - Architecting Modern Serverless APIs with Azure Functions ...Callon Campbell
 
apidays LIVE New York 2021 - Managing the usage of Asynchronous APIs: What do...
apidays LIVE New York 2021 - Managing the usage of Asynchronous APIs: What do...apidays LIVE New York 2021 - Managing the usage of Asynchronous APIs: What do...
apidays LIVE New York 2021 - Managing the usage of Asynchronous APIs: What do...apidays
 
WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Broker...
WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Broker...WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Broker...
WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Broker...WSO2
 
Six Steps To Build A Successful API
Six Steps To Build A Successful APISix Steps To Build A Successful API
Six Steps To Build A Successful APIChris Haddad
 
Six Steps to Build Successful APIs
Six Steps to Build Successful APIsSix Steps to Build Successful APIs
Six Steps to Build Successful APIsWSO2
 
WSO2Con EU 2015: Securing, Monitoring and Monetizing APIs
WSO2Con EU 2015: Securing, Monitoring and Monetizing APIsWSO2Con EU 2015: Securing, Monitoring and Monetizing APIs
WSO2Con EU 2015: Securing, Monitoring and Monetizing APIsWSO2
 

Similar to WSO2 for API-Driven Integration (20)

API Management within a Microservice Architecture
API Management within a Microservice ArchitectureAPI Management within a Microservice Architecture
API Management within a Microservice Architecture
 
API Management Within a Microservices Architecture
API Management Within a Microservices Architecture API Management Within a Microservices Architecture
API Management Within a Microservices Architecture
 
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
The Best of Both Worlds: Introducing WSO2 API Manager 4.0.0
 
APIConnect Security Best Practice
APIConnect Security Best PracticeAPIConnect Security Best Practice
APIConnect Security Best Practice
 
[Workshop] Managing the API lifecycle with Open Source Technologies
[Workshop] Managing the API lifecycle with Open Source Technologies[Workshop] Managing the API lifecycle with Open Source Technologies
[Workshop] Managing the API lifecycle with Open Source Technologies
 
WSO2 Workshop Sydney 2016 - APIs
WSO2 Workshop Sydney 2016 - APIsWSO2 Workshop Sydney 2016 - APIs
WSO2 Workshop Sydney 2016 - APIs
 
Gateway/APIC security
Gateway/APIC securityGateway/APIC security
Gateway/APIC security
 
What's new in API Connect and DataPower - 2019
What's new in API Connect and DataPower - 2019What's new in API Connect and DataPower - 2019
What's new in API Connect and DataPower - 2019
 
WSO2Con EU 2015: API Management Strategies and Best Practices
WSO2Con EU 2015: API Management Strategies and Best PracticesWSO2Con EU 2015: API Management Strategies and Best Practices
WSO2Con EU 2015: API Management Strategies and Best Practices
 
WSO2 User Group Bangalore Meetup
WSO2 User Group Bangalore MeetupWSO2 User Group Bangalore Meetup
WSO2 User Group Bangalore Meetup
 
API Gateway report
API Gateway reportAPI Gateway report
API Gateway report
 
Synergies across APIs and IAM
Synergies across APIs and IAMSynergies across APIs and IAM
Synergies across APIs and IAM
 
[APIdays NY] Managing the usage of Asynchronous APIs: What does it take?
[APIdays NY] Managing the usage of Asynchronous APIs: What does it take?[APIdays NY] Managing the usage of Asynchronous APIs: What does it take?
[APIdays NY] Managing the usage of Asynchronous APIs: What does it take?
 
João Emilio Santos Bento da Silva - Estratégia de APIs
João Emilio Santos Bento da Silva - Estratégia de APIsJoão Emilio Santos Bento da Silva - Estratégia de APIs
João Emilio Santos Bento da Silva - Estratégia de APIs
 
Global Azure 2022 - Architecting Modern Serverless APIs with Azure Functions ...
Global Azure 2022 - Architecting Modern Serverless APIs with Azure Functions ...Global Azure 2022 - Architecting Modern Serverless APIs with Azure Functions ...
Global Azure 2022 - Architecting Modern Serverless APIs with Azure Functions ...
 
apidays LIVE New York 2021 - Managing the usage of Asynchronous APIs: What do...
apidays LIVE New York 2021 - Managing the usage of Asynchronous APIs: What do...apidays LIVE New York 2021 - Managing the usage of Asynchronous APIs: What do...
apidays LIVE New York 2021 - Managing the usage of Asynchronous APIs: What do...
 
WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Broker...
WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Broker...WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Broker...
WSO2Con USA 2017: Brokerage as a Service (BaaS), Transforming Fidelity Broker...
 
Six Steps To Build A Successful API
Six Steps To Build A Successful APISix Steps To Build A Successful API
Six Steps To Build A Successful API
 
Six Steps to Build Successful APIs
Six Steps to Build Successful APIsSix Steps to Build Successful APIs
Six Steps to Build Successful APIs
 
WSO2Con EU 2015: Securing, Monitoring and Monetizing APIs
WSO2Con EU 2015: Securing, Monitoring and Monetizing APIsWSO2Con EU 2015: Securing, Monitoring and Monetizing APIs
WSO2Con EU 2015: Securing, Monitoring and Monetizing APIs
 

More from WSO2

Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessWSO2
 
How to Create a Service in Choreo
How to Create a Service in ChoreoHow to Create a Service in Choreo
How to Create a Service in ChoreoWSO2
 
Ballerina Tech Talk - May 2023
Ballerina Tech Talk - May 2023Ballerina Tech Talk - May 2023
Ballerina Tech Talk - May 2023WSO2
 
Platform Strategy to Deliver Digital Experiences on Azure
Platform Strategy to Deliver Digital Experiences on AzurePlatform Strategy to Deliver Digital Experiences on Azure
Platform Strategy to Deliver Digital Experiences on AzureWSO2
 
GartnerITSymSessionSlides.pdf
GartnerITSymSessionSlides.pdfGartnerITSymSessionSlides.pdf
GartnerITSymSessionSlides.pdfWSO2
 
[Webinar] How to Create an API in Minutes
[Webinar] How to Create an API in Minutes[Webinar] How to Create an API in Minutes
[Webinar] How to Create an API in MinutesWSO2
 
Modernizing the Student Journey with Ethos Identity
Modernizing the Student Journey with Ethos IdentityModernizing the Student Journey with Ethos Identity
Modernizing the Student Journey with Ethos IdentityWSO2
 
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...WSO2
 
CIO Summit Berlin 2022.pptx.pdf
CIO Summit Berlin 2022.pptx.pdfCIO Summit Berlin 2022.pptx.pdf
CIO Summit Berlin 2022.pptx.pdfWSO2
 
Delivering New Digital Experiences Fast - Introducing Choreo
Delivering New Digital Experiences Fast - Introducing ChoreoDelivering New Digital Experiences Fast - Introducing Choreo
Delivering New Digital Experiences Fast - Introducing ChoreoWSO2
 
Fueling the Digital Experience Economy with Connected Products
Fueling the Digital Experience Economy with Connected ProductsFueling the Digital Experience Economy with Connected Products
Fueling the Digital Experience Economy with Connected ProductsWSO2
 
A Reference Methodology for Agile Digital Businesses
A Reference Methodology for Agile Digital Businesses A Reference Methodology for Agile Digital Businesses
A Reference Methodology for Agile Digital BusinessesWSO2
 
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)WSO2
 
Lessons from the pandemic - From a single use case to true transformation
Lessons from the pandemic - From a single use case to true transformation Lessons from the pandemic - From a single use case to true transformation
Lessons from the pandemic - From a single use case to true transformationWSO2
 
Adding Liveliness to Banking Experiences
Adding Liveliness to Banking ExperiencesAdding Liveliness to Banking Experiences
Adding Liveliness to Banking ExperiencesWSO2
 
Building a Future-ready Bank
Building a Future-ready BankBuilding a Future-ready Bank
Building a Future-ready BankWSO2
 
WSO2 API Manager Community Call - November 2021
WSO2 API Manager Community Call - November 2021WSO2 API Manager Community Call - November 2021
WSO2 API Manager Community Call - November 2021WSO2
 
[API World ] - Managing Asynchronous APIs
[API World ] - Managing Asynchronous APIs[API World ] - Managing Asynchronous APIs
[API World ] - Managing Asynchronous APIsWSO2
 
[API World 2021 ] - Understanding Cloud Native Deployment
[API World 2021 ] - Understanding Cloud Native Deployment[API World 2021 ] - Understanding Cloud Native Deployment
[API World 2021 ] - Understanding Cloud Native DeploymentWSO2
 
[API Word 2021] - Quantum Duality of “API as a Business and a Technology”
[API Word 2021] - Quantum Duality of “API as a Business and a Technology”[API Word 2021] - Quantum Duality of “API as a Business and a Technology”
[API Word 2021] - Quantum Duality of “API as a Business and a Technology”WSO2
 

More from WSO2 (20)

Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with Platformless
 
How to Create a Service in Choreo
How to Create a Service in ChoreoHow to Create a Service in Choreo
How to Create a Service in Choreo
 
Ballerina Tech Talk - May 2023
Ballerina Tech Talk - May 2023Ballerina Tech Talk - May 2023
Ballerina Tech Talk - May 2023
 
Platform Strategy to Deliver Digital Experiences on Azure
Platform Strategy to Deliver Digital Experiences on AzurePlatform Strategy to Deliver Digital Experiences on Azure
Platform Strategy to Deliver Digital Experiences on Azure
 
GartnerITSymSessionSlides.pdf
GartnerITSymSessionSlides.pdfGartnerITSymSessionSlides.pdf
GartnerITSymSessionSlides.pdf
 
[Webinar] How to Create an API in Minutes
[Webinar] How to Create an API in Minutes[Webinar] How to Create an API in Minutes
[Webinar] How to Create an API in Minutes
 
Modernizing the Student Journey with Ethos Identity
Modernizing the Student Journey with Ethos IdentityModernizing the Student Journey with Ethos Identity
Modernizing the Student Journey with Ethos Identity
 
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
 
CIO Summit Berlin 2022.pptx.pdf
CIO Summit Berlin 2022.pptx.pdfCIO Summit Berlin 2022.pptx.pdf
CIO Summit Berlin 2022.pptx.pdf
 
Delivering New Digital Experiences Fast - Introducing Choreo
Delivering New Digital Experiences Fast - Introducing ChoreoDelivering New Digital Experiences Fast - Introducing Choreo
Delivering New Digital Experiences Fast - Introducing Choreo
 
Fueling the Digital Experience Economy with Connected Products
Fueling the Digital Experience Economy with Connected ProductsFueling the Digital Experience Economy with Connected Products
Fueling the Digital Experience Economy with Connected Products
 
A Reference Methodology for Agile Digital Businesses
A Reference Methodology for Agile Digital Businesses A Reference Methodology for Agile Digital Businesses
A Reference Methodology for Agile Digital Businesses
 
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
 
Lessons from the pandemic - From a single use case to true transformation
Lessons from the pandemic - From a single use case to true transformation Lessons from the pandemic - From a single use case to true transformation
Lessons from the pandemic - From a single use case to true transformation
 
Adding Liveliness to Banking Experiences
Adding Liveliness to Banking ExperiencesAdding Liveliness to Banking Experiences
Adding Liveliness to Banking Experiences
 
Building a Future-ready Bank
Building a Future-ready BankBuilding a Future-ready Bank
Building a Future-ready Bank
 
WSO2 API Manager Community Call - November 2021
WSO2 API Manager Community Call - November 2021WSO2 API Manager Community Call - November 2021
WSO2 API Manager Community Call - November 2021
 
[API World ] - Managing Asynchronous APIs
[API World ] - Managing Asynchronous APIs[API World ] - Managing Asynchronous APIs
[API World ] - Managing Asynchronous APIs
 
[API World 2021 ] - Understanding Cloud Native Deployment
[API World 2021 ] - Understanding Cloud Native Deployment[API World 2021 ] - Understanding Cloud Native Deployment
[API World 2021 ] - Understanding Cloud Native Deployment
 
[API Word 2021] - Quantum Duality of “API as a Business and a Technology”
[API Word 2021] - Quantum Duality of “API as a Business and a Technology”[API Word 2021] - Quantum Duality of “API as a Business and a Technology”
[API Word 2021] - Quantum Duality of “API as a Business and a Technology”
 

Recently uploaded

Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Hyundai Motor Group
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetEnjoy Anytime
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 

Recently uploaded (20)

Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 

WSO2 for API-Driven Integration

  • 1. WSO2 for API-Driven Integration Johann Dilantha Nallathamby Associate Director/Solutions Architect
  • 2. Image Area WSO2 is the world’s #1 open source integration vendor, helping digital-driven organizations become integration agile.Today, hundreds of leading brands and thousands of global projects execute 6 trillion transactions annually using WSO2 integration technologies. Visit https://wso2.com to learn more. About WSO2
  • 3. We are an API-led Integration Platform
  • 4. Start with API management... IDENTITY SERVER Secure and federated identity For APIs and integration 60M identities managed ENTERPRISE INTEGRATOR Quick, iterative integration of any app, data, or system 6 trillion transactions / yr Complement APIs with integration, security and analytics to connect apps and data. API MANAGER API design, creation, reuse, governance, and analytics 20K APIs Open Source API Management, Integration, Identity WSO2 API-Led Integration Platform ● Identity management ● Identity federation / SSO ● Identity bridging ● API and microservices security ● Strong and adaptive Auth ● Access control ● Privacy control ● IAM and security analytics ● API analytics ● API designer ● API gateway ● API microgateway ● API publisher ● API storefront/marketplace ● API repository/registry ● ESB ● Integration designer ● Message broker ● Workflows ● Business rules ● Streaming engine ● Stream processing ● Integration analytics
  • 5. Solutions: Telco | Open Banking | Healthcare | GDPR | WSO2 Architecture for Agility WSO2 Methodology for Agility Cloud-Native Integration Kubernetes | Docker | Ballerina | Cellery IDENTITY & ACCESS MANAGEMENT ENTERPRISE INTEGRATION API MANAGEMENT Hybrid Deployment WSO2 Managed Cloud | WSO2 Hosted Cloud | On-premises Open source, hybrid, API-led integration Putting It Together: WSO2 Integration Agile Platform
  • 7. Product Overview WSO2 API Manager is a fully open source approach to addressing any spectrum of API lifecycle, monetization and policy enforcement.
  • 8. “...the only fully open source solution in our Wave analysis, WSO2 provides good breadth across all evaluation criteria.” Leader in the Forrester Wave: API Management Solutions, Q4 2018
  • 9. KuppingerCole Leadership Compass on API Management and Security - Nov 2019
  • 10. KuppingerCole Leadership compass on API Management and Security - Nov 2019
  • 12. Why APIs? ● To drive innovation and accelerate go to market process. ● As marketing channel or lead generation source. ● To acquire new customers and users. ● Expand your business with partners or resellers. ● Build audience and an ecosystem around your products. ● Integrate your services with different devices and systems. ● Sell your data to external parties. ● Extend your products or services.
  • 14. WSO2 API Manager Components • API Publisher • API Gateway / Microgateway • API Store / developer portal • Key Manager • Traffic Manager • Analytics An open source approach for full API lifecycle management, monetization, and policy enforcement. Allows extensibility and customization, ensures freedom from lock-in.
  • 15. Gateway Broad portfolio of API management functionality ( * = New since 2018) Internal and External API Management API Manager: Core Competencies ○ Policy Enablement ○ Protocol Handling ○ Transformation ○ Microgateway* ○ Mobile & Multi-experience ○ Data & Data as a Service Security ○ OAuth2 ○ OIDC ○ Federated ID ○ SSO ○ JWT ○ AI driven API Security* Analytics Cloud Native ○ Business value reporting ○ Streaming & event-driven analytics ○ Real-time alerting ○ Traffic management ○ Monetization ○ Istio integration* ○ Installations - Kubernetes, Docker, PCF. ○ Monitoring with Prometheus / Grafana* ○ Improved CI/CD* Portal/Store ○ API Marketplaces ○ Monetization hooks / partners ○ Flexible theme-based architecture ○ Registry and versioning model Multiple plug-points and extensibility | Open source projects | Flexible deployment options
  • 17. Gateways - API Runtime options ● Multiple Gateway options ○ MicroGW : Immutable, container native, ideal for greenfield projects ○ Regular : Robust, API driven, ideal for brownfield projects ○ Both use the same management plane ○ Both can be used together in the same deployment ● Hybrid option: Gateways close to services, Mgt. plane on cloud ● Both can scale without management plane ● Gateways are identity provider agnostic -> Can work with any key manager as long as trust is established and a signed token is used
  • 18. • Can scale with or without Key Manager • Supports SOAP and WebSocket based APIs in addition to REST • Automatic SOAP to REST conversion • Config driven mediation support Standard Gateway Gateway Key Manager Traffic Manager <RES T> <SOA P> <WebSock et> HTTP HTTP HTTP HTTP JMS HTTP
  • 19. ● Designed to scale ○ Self-validating tokens ○ Localized rate limiting ○ Offline analytics ○ Immutable ○ Stateless ● Ideal to be deployed in a locked-down env such as DMZ ● Native support for Docker/K8S ● Private Jet Gateway for microservices ● First-class support for lifecycle management across environments WSO2 API Microgateway
  • 20. WSO2 API Microgateway Components • Gateway runtime • Toolkit
  • 21. Cloud-native Capabilities ● Low footprint ○ 70 MB of distribution size. ○ < 100 MB of memory. ○ < 1 core CPU. ● Faster scaling ○ < 1s startup time (fixed) ○ Independent execution with no dependencies on other components. ● Portability ○ Works natively on Docker/Kubernetes. ○ Immutable gateway runtimes. ○ Fully automated CI/CD. ○ Platform independent. ● Observable ○ Metrics available through Prometheus ○ Tracing available through Jaeger.
  • 23. Key Manager and Traffic Manager ● Scalable and flexible authentication and authorization policy enforcement based on OAuth2.0 and other protocols. ● Integration with third party authorization services ● Supports a wide range of application types such as mobile, web, SPA, wearable devices, biometrics, etc ● Social integration for login via social networks and other IDPs. ● Rate limits used for billing and metering purposes ● Fair usage policy enforcements ● Rate limits based on user privilege, location, device type, etc. ● Rate limits for target services Security Rate Limiting
  • 24. Security - Standard OAuth2.0 Gateway Request Access Token (with scopes) Provide Opaque Token Client Application sends Token to Gateway Validate Token 1 2 3 4
  • 25. Security - Signed JWT Client Application sends Signed JWT to Gateways Gateway Gateway Request Access Token (with scopes) Provide Signed JWT 1 2 3 3 4 4
  • 26. Authorization & Introspection ● Secure Token Service can be replaced with any 3rd party product ● External Identity Providers can also be used or federated into for authentication
  • 27. AI Driven API Security Data & Application Attacks Advanced Persistent Threats, Data exfiltration, Deletion DoS & DDoS Attacks DDoS API Attack, Login service DDoS Attack, Botnet attacking API Login Attacks Stolen tokens or cookies, Credential stuffing, fuzzing Message Security JSON/XML threat protection, SQL Injection, XS, Schema validation, Encryption & signature, Redaction, AV scanning Access Control Authentication, Authorization, Token Translation Rate Limiting Client Throttling, Provider Throttling, Quotas Network Privacy SSL/TLS </> PingIntelligence for APIs
  • 28. Additional API Security Capabilities Bot Detection JSON Schema Validation API Keys and Basic Auth support
  • 29. Traffic Manager ● Real-time decision making based on event history ● Differentiated services ● API Monetization support ● Protection for internal and external environments from rogue clients <Request Event> GatewayGateway Traffic Manager Message Broker Policy Designer <Throttle Event> <Throttle Event> < Policy>
  • 30. Rate-limiting policies are built into the microgateway runtime Microgateway - Localized Rate Limiting Microgateway OrdersProducts Apply 1000 req/min on Products microservice Apply 500 req/min on Orders microservice
  • 31. Microgateway - Global Rate Limiting • API deployed on multiple gateways • Centralised counter required to keep track of access • The microgateway submits local counters to the central Traffic Manager asynchronously. • The Traffic Manager accumulates the counters and notifies the gateways whenever traffic should be rate limited. Microgateway Microgateway Traffic Manager Microgateway
  • 33. API Publisher ● Design, mock and document REST and SOAP APIs. ● Create new versions of APIs ● Gain API usage insights for operational purposes ● Import API definitions ● Apply policies for security, rate limits and message transformations. The Portal for API Designers and Product Managers. ● Validate and publish APIs for public discovery and consumption. ● The central point for managing the API’s Lifecycle. ● Monetize APIs through business plans. ● Gain API usage insights for business purposes. Designers Product Managers
  • 34. Enhanced User Experience Re-skinned ReactJS based portals * Easy to theme and customise
  • 35. API Publisher ● Start with an existing endpoint/contract or design and prototype a new API ● Exposing SOAP services (convert to REST or as a passthrough) ● Expose an API with GraphQL support ● Exposing streaming APIs (Websocket endpoints)
  • 36. ● API Design - Over the wizard & with Swagger API Creation
  • 37. Managed or Prototyped ● Point to a production backend, point at mock backend or prototype at gateway
  • 38. ● Manage stages of an API ● Manage associated states ● Create a new version from an existing ● Audit changes to lifecycle states ● Support for custom lifecycles API Lifecycle Management
  • 39. Developer Portal The Application Developer Portal known as the API Store. ● ReactJS based ready to be used Dev portal available out-of-the-box. ● Discover, test and subscribe to APIs ● Search through APIs and their documentation ● Rate, comment and participate on discussion forums of the portal ● Try out the API SDKs for faster go-to-market of applications. ● Brand the developer portal to suit your needs ● Manage the lifecycle of applications across environments ● Integrate with third party authorization servers
  • 40. Productization of APIs API Products • Select operations from different APIs and bundle together as a product • Use different operations of the same API in different products • Monetize the product APIs targeted at different groups
  • 41. GraphQL Support ● First class support for Graphql APIs ○ Create a Graphql API by importing an SDL schema ○ Identify Graphql APIs automatically in the portals ○ Display operation list instead of resources ○ Display SDL schema instead of open API definition ○ Download option for SDL schema ○ Search option to Graphql type APIs ( type: GRAPHQL) ● Operational Level Security, Authorization and Rate limiting
  • 42. API Monetization Integration with Billing Engines • Out of the box integration with Stripe • Ability to integrate with any other billing engines
  • 43. Why CI/CD for APIs? ● Rapid development and deployment of APIs ● Less human interruptions ● Fast delivery to end users ● Time saving and efficiency gain ● Automated process provides greater management flexibility ● Detect issues earlier
  • 44. Challenges in CI/CD for APIs? ● Organizations are maintaining multiple deployment environments ● APIs associate with multiple policies and configurations ● Environment specific (endpoints) configurations ● Interference with multiple development teams
  • 45. Environment Specific Configurations ● APIs contain environment specific configurations ● Part of configuration is changing between environments ● Environment specific configurations include ○ Backend endpoints ○ Credentials of backend services ○ Certificates of endpoints ○ Endpoint timeout settings ○ Gateway environments
  • 48. Kubernetes Operator • Making APIs first class citizens in Kubernetes • Automatic deployment into Microgateway • Policies can automatically be applied to the API created • Security and Throttling policies can be applied, tracing, logging and analytics can automatically enabled through the swagger • API created can be pushed to the management plane kubectl add api -n Stocks --from-file="/path/to/stocks/swagger.yaml" apictl import-api -f Stocks -e k8s
  • 49. Istio Integration • Helps exposing microservices deployed on Istio to be managed as APIs. • Provides an API portal for microservices. • Allows managing the state of microservices via an API lifecycle. • Provides end-user authentication and authorization for microservices deployed on Istio. • Provides business insights for service requests via API portals. • API Gateway can replace the Istio
  • 51. API Manager: Deployment Options Our aim - all customers hybrid or cloud by 2021 API Cloud WSO2 Managed Cloud Private On-Premises ● Multi-tenant, shared-everything ● WSO2-hosted and managed ● Pay-as-you-go ● Multi-region availability ● VPN tunnel to private DC ● Guaranteed uptime ● Limited customization options ● Privately hosted ● WSO2 managed ● Upgrades, patches, installation ● Guaranteed uptime ● Full flexibility in customization ● Better control ● Deployed on IaaS of your choice ● Self-hosted ● Self-managed ● Full flexibility ● DevOps learning curve ● Self-managed upgrades Hybrid API Management ● Gateway can be deployed in any containerised environment ● Multiple deployment options including on-prem/cloud, cloud/cloud Cloud Availability Regions: us-east-1 (North Virginia), us-west-2 (Oregon), ap-southeast-2 (Sydney), eu-central-1 (Frankfurt), eu-west-1 (Ireland), and sa-east-1 (Brazil).
  • 52. Deployment Patterns ● North deployment on Cloud ● Multi-tenanted and centrally managed ● Gateways deployed on premise ● A deployment at each business-unit ● Decentralized or Centralized API Management
  • 53. Deployment Patterns ● North deployment on Cloud ● Multi-tenanted and centrally managed ● South deployments are on-premise ● A deployment at each business-unit ● Decentralized or Centralized API Management
  • 54. Deployment Patterns • Microgateways deployed in DMZ handle external API requests • Regular gateways in the LAN handle internal API requests • Gateway chaining a possibility between DMZ and LAN • A single Management Plane for both Microgateways and Regular gateways • Gateways can scale independently of the Control Plane
  • 56. Future of API Management The two aspects of API Management in the future • API Management in Microservices and Cloud Native Space • Business of APIs
  • 57. Future of API Management The two aspects of API Management in the future • API Management in Microservices and Cloud Native Space “API management will natively become part of Microservices frameworks” • Business of APIs “There will be more innovations on value additions and monetization aspects of APIs”
  • 58. Future of API Management WSO2’s future API strategy considers both these aspects equally important. We will continue to innovate in both these areas. Our vision is to bring the best-of the world Hybrid experience of these two areas to our users
  • 59. API Manager ● API categorisations (in addition to tags) ● Federated API Marketplaces. ● First-class integration with observability tools such as Prometheus. ● First class support for federated apps (login with Facebook, Google). ● Istio integration v2.0. Microgateway ● Microgateway toolkit (compiler) as a service ● Mutable microgateway runtimes ● Private jet microgateways that are directly deployable from the control plane (API Manager) ● Serverless enablement of microgateways with KNative ● Composable microgateways for app developers to deploy “application gateways” ● Self-tuning capability to cater to APIs of different scale Near-Term Mid-Term Future WSO2 API-M Product Roadmap API Manager ● Direct integration of the API Gateway with AWS Lambda. ● Integration with 42curnch for API security best practices and API spec governance. ● Enhanced API analytics with better visualization and drill downs. Microgateway ● gRPC and Web Socket support ● Fully self-serviced microgateway with simplified UX. ● Microgateway for Spring Boot Microservices. ● Heterogeneous control plane support to generate microgateways from public hosted open API definitions ● Pluggable authentication schemes ● Globally shareable policies through Policy-Hub ● Support for virtual hosts ● Integration with Consul for service discovery API Manager and Microgateway ● Extending support for dynamic (third-party) gateways. ● Dynamic registration of microgateways on API Manager ● Support for serverless API gateways ● Personalization of APIs for API consumers, which can be deployed on personal API gateways (private-jet) ● API gateways for event-driven microservices communications ● In-process sidecar API gateway for Ballerina ● Additional defenses for attack vectors, such as via machine learning and honeypots ● Control plane support with xDS APIs ● Microgateway as the edge gateway (ingress gateway) in Kubernetes ● Heterogeneous request/response transformation support ● Built-in billing
  • 61. External API Portals/Marketplaces Internal API Portals WSO2 API Manager: 250+ Subscription Customers