The latest WSO2 API Manager adds native multi-tenancy, automatic generation of API documentation, and SAML-based SSO, running both on servers or in the cloud.
There is a growing trend in the enterprise today: moving away from heavy SOA architectures to lighter and more flexible services offered through Web APIs. These APIs provide access to web services usually based on a REST architecture, transferring data encapsulated in JSON over HTTP. This trend has surpassed the enterprise borders from the beginning, the Web APIs being meant to be consumed by external customers, not just internally by an organization’s departments. The main purpose of Web APIs is to provide others access to one’s data. And this trend is growing because there is more and more data everyday and companies use data in ways not imaged before.
Web APIs may seem very similar to SOA because in the end it offers access to services, but there are some major differences. Being built on the idea of external consumption, such APIs have different management needs from SOA’s: API stores, developer portals, key management, usage metering and billing facilities, etc. This is what WSO2 API Manager does, providing open source tools for publishing, metering and billing API consumption and transparently connecting consumer applications with services that implement such APIs.
The latest release, WSO2 API Manager 1.4.0, introduces native multi-tenancy enabling companies to:
- Provide API management facilities to multiple customers, including the API store, by running a single instance of the API Manager.
- Provide federated access to multiple entities in a large organization. For example, the departments of an enterprise can publish and use their own APIs, having the option to make some of the APIs available to all departments.
WSO2 API Manager runs both on local or remote servers (Linux/Solaris/Windows), on Linux Kernel VM, VMware ESX, or in the cloud, such as WSO2 Stratos, Amazon EC2, etc.
This release also features:
- Support for generating API documentation based on Swagger specification
- Support for single sign-on through the Security Access Mark-up Language (SAML)
- Extended OAuth support for key generation
WSO2 is not the only provider of API management tools. Other prominent vendors are: 3scale, IBM, Intel, Layer 7, Mashery, and Vordel. For more detail and a comparison of various API management tools, we recommend reading The Forrester Wave™: API Management Platforms, Q1 2013.