In this community call, we will discuss
- Streaming API support in WSO2 API Manager 4.0.0
- Live demo
- Q/A
Sign up to get notified of future calls: https://bit.ly/373f4ae
WSO2 API Manager Community Channels:
- Slack: https://apim-slack.wso2.com
- Twitter: https://twitter.com/wso2apimanager
Recording: https://youtu.be/BXzBf-EXKG4
3. 3
1
2
3
4
Sync vs Async Communication
Overview
Synchronous vs Asynchronous APIs
Why Asynchronous APIs?
Asynchronous API Usages
5 API Management for Streaming APIs
6 Supported Protocols for Streaming APIs
7 Demonstration
6. Why Asynchronous APIs ?
6
● Increasing demand to access real-time information.
● Unlike conventional request/response APIs (e.g., REST
and SOAP), asynchronous APIs can send multiple
responses to a single request.
● Usage of an event backbone technology and topics.
● Pooling is inefficient and less reactive.
7. ● Receiving notifications about someone's reaction on your social media account.
● A new message notification on your mobile device.
● Live location/schedule updates in transportation scenarios.
● Live sports score updates.
Asynchronous API Usages
7
8. ● Business has lots of endpoints to be managed.
● Organizations are exposing more real time endpoints to expand their business.
● API management related Quality of Service for asynchronous APIs.
⦿ API development and subscription experience across protocols
⦿ Authentication and authorization
⦿ Rate limiting and throttling
⦿ Usage data monitoring and alerting
API Management for Asynchronous APIs
8
9. Streaming APIs
9
● WebSockets
⦿ Computer communications protocol, providing full-duplex communication
● WebHooks
⦿ A webhook in web development is a method of augmenting or altering the behavior
of a web
⦿ Pushing notifications to one or a small number of servers
● Server-Sent Events (SSE)
⦿ SSE is a server push technology enabling a client to receive automatic updates from
a server via an HTTP connection
10. API Development
10
● Users can develop WebSocket API, WebHook API, or SSE API from the scratch.
● Users can start API development with API definition (AsyncAPI).
● Users can manage and monitor the API's lifecycle, documentation, security, community,
and subscriptions.
11. Authentication and Authorization
11
Different protocols ties to different security mechanisms
● Webhook (hub scenarios) use security mechanisms like verification token, signature
(HMAC), mutual TLS.
● WebSocket can be secured with standard OAuth with scopes or any other standard
security mechanism.
● SSE can be secured with tokens.
● Fine grained authorization for topics.
12. Rate Limits and Throttling
12
● Metering and rate limiting has to be applied to both response and request paths separately.
● Ability to support protocol specific rate limits
⦿ Webhook, SSE API can be rate limited with number of events transfer within a day or hour
along with number of active subscriptions at any given time.
⦿ WebSocket APIs can be rate limited based on the data volume transferred.
● Ability to define business plans, rate limiting tiers by combining multiple rate limiting
methodologies.
● Ability to use different rate limiting policies in subscriptions as per Business Plans. You can
use any of the following rate limiting policies when working with monetization.
⦿ Count-based Rate Limiting Policy
⦿ Time-based Rate Limiting Policy
⦿ Count-time Hybrid Rate Limiting Policy
13. Usage Data Monitoring and Alerting
13
● Asynchronous communication is different
⦿ One request - many events
⦿ Responses can come at anytime
⦿ Persistent connections are possible (e.g., WebSockets)
● Capture right events for API usages
● Capture protocol specific usage attributes
⦿ Ex: WebSocket bandwidth, SSE event counts, Webhook active user counts, etc.
● Visualizing collected data
15. ● rooms/{roomID} Join a chat room
● notifications Receive notifications
● support Chat with support (Premium users only)
Chat Service WebSocket API
15
WebSocket API
/rooms/{roomID}
/notifications
/support
WebSocket
Server
/rooms?room={roomID}
/notifications
/support
Web App
Gateway
Backend
ws://localhost:8080