This document discusses the new features in WSO2 API Manager 1.3.0, including authorization per resource, a built-in Try-It tool for testing APIs, application-level throttling, restrictive visibility of public vs. private APIs, integration with Google Analytics, and fault statistics graphs. It provides an overview of API Manager and how it is used to publish, secure, monitor and analyze usage of APIs.
WSO2 Product Release Webinar - Whats new in the WSO2 API Manager
1. What's New In The WSO2 API
Manager 1.3.0
Nuwan Dias, WSO2 Inc.
January 2013
2. Agenda
● Introduction to the API Manager
● Separation of Concerns (SoC)
● Key New Features
● Authorization Per Resource
● Built In Try-It Tool
● Public vs Private APIs
● Google Analytics Integration
● Application Level Throttling
3. APIs
An API is a business capability delivered over the
Internet to internal or external consumers.
● Network Accessible Function
● Available Using Standard Web Protocols
● With well defined Interfaces
● Designed for access by third parties
● Scope
– Internal
– Between Partners
– Between Customers
– Open
4. Managed APIs
● Actively Advertised
● Subscribe-able
● Available with SLAs
● Secured, Authenticated, Authorized and
Protected
● Monitored
● Monetized with Analytics
5. WSO2 API Manager
● API Publishing, API Store, Gateway, Key-Manager and
Statistics.
● An Open Source API Management Platform
● Apache 2 License
● Built on top of the award winning WSO2 Carbon platform
● Built using proved WSO2 components
– Enterprise Service Bus
– Identity Server
– Governance Registry
– Business Activity Monitor
– Jaggery
● Latest version – 1.3.0
7. Key New Features
● Authorization per Resource
● Built in Try-It tool for testing APIs
● Application level throttling
● Restrictive API visibility (Public vs Private APIs)
● Google Analytics Integration
● Access Token Revoking functionality
● Fault Statistics
● Enhanced Self Registration
● HTTPS Support (Basic Auth)
● Workflow extension support for self sign-up process
● PostgreSQL DB Support
● i18n Support
● New theme for API Store
8. Authorization per Resource
● Specify more fine grained authorization for the
API
● Open APIs to public – No tokens required
● Request for specific token type – Application
Token / Application User Token