APIs are taking over every vertical out there with its standards, reusability, and simplicity that are required to operate in the present world. However as the number of APIs grows along with the users who access and use these APIs, the need for proper management and governance is required more than ever.
3. OSC Korea : What Do We Do?
▪ Korea(HQ), China, Japan, Malaysia, Taiwan,
Singapore
▪ Opensource(O), Security(S), Content Delivery(C)
- IT Business Platform 운영
▪ K8S PaaS 플랫폼, APM, API Gateway, Chaos
Engineering, DB Replication, etc.
▪ 리눅스 재단 산하 다양한 프로젝트 (Hyperledger,
Cloud Foundry, CNCF등) 활동
▪ 리눅스 재단 공인 교육센터 운영 (Kubernetes 시스
템 어드민, 개발자 과정 운영)
▪ Cloud Migration, MSA, Cloud Native : Public &
Private Cloud
▪ 주요 프로젝트에 AA, TA, SA, DA 등, 핵심 Tech.
Architect 조직 지원
▪ 오픈소스 기반 프로젝트 지원 (Apach Kafka, Druid,
Rancher, Kubernetes, KrakenD)
1 OSC Korea : A part of OSC Asia Group 2
3 4
Open source Community Governance
Consulting & Professional Service : Digital
Transformation
WSO2 & OSC Korea Partnership
▪ WSO2 국내 기술지원
▪ Enterprise 고객사 구축지원
▪ Reference 아키텍쳐 / Pilot 프로젝트 지원
▪ WSO2 전담 엔지니어 및 개발자 지원
5. 5
700+ Employees
50% in engineering
500+ Customers
Around the world
(139 New in 2020)
100% Open Source
Flexible deployment; faster time-
to-market
Founded in 2005
Backed by Cisco and Toba
Capital
Global Presence
Colombo, New York, London,
Mountain View, São Paulo,
Sydney, Berlin, Mexico, Italy
16% YoY Growth
6. 6
Unlock New Opportunities
Reap the benefits of digital transformation to
deliver enhanced services, applications, and
experiences.
Microservices, Containers, and Beyond!
Extensibility to provide enhanced offerings for
your customers today—and over the years to
come.
Cost Effective
A competitive pricing structure that doesn’t make
you sacrifice key features.
Accelerate Time-to-Market
Rapidly deliver your core value proposition through
digital products.
The WSO2 Advantage WSO2 API Manager
WSO2 Enterprise Integrator
WSO2 Identity Server
WSO2 Strategic Consulting
WSO2 Open Healthcare
WSO2 Open Banking
7. 7
“The solution is well-suited to buyers with
strategies that combine integration, APIs,
and microservices.”
A Leader in the Forrester WaveTM:
API Management Solutions, Q3 2020
Industry Recognition
8. 8
“WSO2 Identity Server is a strong performer
among the 13 CIAM providers that matter
most according to Forrester Research, Inc..”
A Strong Performer in the Forrester
WaveTM: Customer Identity and
Access Management, Q4 2020
Industry Recognition
9. 9
“WSO2 has a good reputation in IAM and is quickly
expanding in the CIAM market…”
An Overall Leader in KuppingerCole’s
Leadership Compass: CIAM Platforms,
2020
Industry Recognition
10. 10
WSO2 API Manager
Addresses full API lifecycle
management operations. Open,
extensible, customizable.
WSO2 Enterprise Integrator
Hybrid integration platform for quick,
iterative integration of any application,
data, or system.
WSO2 Identity Server
Federates and manages identities
across both cloud service and enterprise
environments.
WSO2 Technology
WSO2 Open Banking
A purpose-built technology platform for
global open banking.
WSO2 Open Healthcare
Towards greater interoperability with a
proven integration platform and FHIR®.
WSO2 Strategic Consulting
Streamline your business objectives and
rapidly achieve key results.
Together, with hundreds of the world’s largest corporations, leading universities, and governments, we execute in
excess of 6 trillion transactions, expose more than 200,000 APIs, and manage over 100 million identities every
single year.
11. 11
Flagship Customer Examples
Applied uses across every industry and geography
Healthcare Government Education Retail Technology
Financial Telecom
Transport
12. API
12
API
Business capability delivered
over the internet for internal and
external consumers
Standard web
protocols
Access by third
parties
Network
accessible
Well defined
interfaces
13. 13
Many Consumers and Providers
Consumer 1
Consumer 2
Consumer 3
Consumer x
Consumer 4
Consumer 5
Provider 1
Provider 2
Provider 3
Provider x
14. 14
Many Consumers and Providers
Consumer 1
Consumer 2
Consumer 3
Consumer x
Consumer 4
Consumer 5
Provider 1
Provider 2
Provider 3
Provider x
In-House Auth
Mechanisms
No
Documentation
Legacy
Protocols
18. 18
Expose APIs to Public
Expose
API
to
Public
Reduce duplication and rework
Innovative ways to build new solutions
Increase growth potential and
partnership advancements
Increase collaborative development
19. WSO2 API Manager
An open source approach to addressing any spectrum of API lifecycle, monetization and
policy enforcement.
21. WSO2 API Manager: Features
21
Design and
Prototype APIs
Control Access and
Enforce Security
Offer a rich
Developer Portal Manage Developer
Community
Manage and Scale
API Traffic
Monitor and
Monetize Plug, extend and
theme
Deploy easily in
Your Enterprise
Support Multiple
Tenants
Publish and
govern API usage
22. WSO2 API Manager: Benefits
22
Reduce
Technology Risk
Make Data-driven
Decisions
Deploy On-premise,
Cloud or Both
Increase Team
Efficiency
Fit Into Multiple
Architectures
Enhance
API Security Reduce Future
Investments
27. 27
Developer Portal
The Application Developer Portal known as the API Store
Find
Evaluate Explore
Subscribe
● View ratings, comments
● Download help and docs
● Try it online
● Ask questions to owner
● Register applications
● Obtain key
● Subscribe to API
● Subscribe to API changes
● Rate API
● Share comments
● Feature requests
● Participate in forums
● View top used, new featured APIs
● Search by name, tag or provider
● Save searches
29. Gateways - API Runtime options
Hybrid option: Gateways close to services, Mgt. plane on cloud
Multiple Gateway options
29
● Micro-GW : Immutable, container native, ideal for greenfield projects
● Regular : Robust, API driven, ideal for brownfield projects
● Both use the same management plane
● Both can be used together in the same deployment
● Both can scale without management plane
● Gateways are identity provider agnostic -> Can work with any key manager as long as
trust is established and a signed token is used
30. Standard Gateway
● The entry point (gateway) into your internal/external APIs.
● The enforcement point of all the security, rate limiting and message mediation
policies.
● The agent which provides the analytics engine with the business insights it needs.
● Caches responses from target APIs to reduce load on the back-end services.
● Supports SOAP and Websockets in addition to REST
● Config driven mediation support
30
Gateway
Key Manager
Traffic
Manager
<REST>
<SOAP
>
<WebSocket>
HTTP
HTTP
HTTP
HTTP
JMS
HTTP
31. Key Manager
● Scalable and flexible authentication and authorization policy enforcement based on OAuth
2.0 and other protocols.
● Integration with third party authorization services
● Supports a wide range of application types such as mobile, web, SPA, wearable devices,
biometrics, etc
● Social integration for login via social networks and other IDPs.
31
32. Authorization & Introspection
Developer Portal
(Store)
Gateway
Authentication
Authorization
Client Management
Token Management
Introspection
Revocation
Federation
● Secure Token Service can be replaced with any 3rd party product
● External Identity Providers can also be used or federated into for authentication
Register User
Retrieve, Update,
Delete [client_id]
Token Introspection
Create Token
Revoke Token
<<Auth / Secure Token Service>>
32
33. Traffic Manager
● Real-time decision making based on event history
● Rate limits used for billing and metering purposes
● Fair usage policy enforcements
● Rate limits based on user privilege, location, device type, etc.
● Protection for internal and external environments from rogue clients
33
<Request Event>
Gateway
Gateway
Traffic Manager
Message Broker
Policy Designer
<Throttle Event> <Throttle Event>
< Policy>
34. API Analytics
34
Analytics for Business Insights and Operational Purposes
● Reports by API usage, top users, top applications, top device types, etc
● Location based reporting to identify hottest destinations
● API performance and health based reporting for operational activities.
● Usage reporting for API users as well as API providers
● Detection and prevention of possible fraud and theft
● Abnormal event detection and reporting
● Change detection of API access patterns and alerting
● API last used details for better lifecycle management
35. API Analytics: Architecture
35
Event Store
APPLICATION
Backend
API Analytics
Dashboards
Real Time Alerts
Admin
Summarized Statistics
API Gateway
API MANAGER
API MANAGER
Analytics
API MANAGER
40. Developer-centric
●API developer’s Toolkit
○ Product binaries = Toolkit + Runtime
○ Developers interact with a CLI
○ to initiate a Project workspace
●Starts with Open API Specification
○ Place Open API contract in workspace
○ Install public certificate
●Build the Executable binaries
●Run and Test
○ Run on local Microgateway installation
○ Package and run on Docker container
Open API
contract
µGW
Toolkit
Certificates
Project
workspac
e
(*.balx)
executable
Container
image
k8s
artefacts
run using
µGW docker image
or
µGW Runtime
run on
Docker runtime
run on
Kubernetes
40
API Micro Gateway
41. 41
API Micro Gateway for Microservices
● First class compatibility to work with Microservices.
● Expose Microservices as managed APIs.
● Compose one or more microservices to be exposed as an API.
● API security and rate limiting for APIs.
● Obtain business insights related to consumption of microservices.
● Access to a control plane to manage the lifecycle and versioning of exposed
interfaces (APIs).
42. 42
Container Native; Is it only the API Microgateway?
● All WSO2 API Manager components can run on containers.
● Docker Compose and Kubernetes artifacts are available for all WSO2 components.
● Docker Compose and Kubernetes artifacts for commonly used deployment patterns
available.
44. 44
API Manager Deployment Patterns
● Componentized product architecture allows flexibility to deploy the product in
different ways.
● Prebuilt deployment patterns to support multiple different use cases.
● Documents and artifacts to support these prebuilt deployment patterns.
● Flexibility to deploy parts of the system on-cloud while the rest of it can be on-
prem
50. 50
Extensibility
● Mediations - writing your own mediation logic
● Security - Custom grant types and security options
● Branding - Theming UI’s and revamping pages
● Workflow - Workflows for user signup, API subscription, application creation
etc.
● API Lifecycle - Extending API Lifecycle
52. 52
We’re making people’s lives richer by embedding financial services at the moment they’re at, and delivering
services to where the customer is at rather than making them come to us.”
Eric Halverson, SVP, head of gateway support & services at Wells Fargo
● Wells Fargo API Gateway - delivers all products and services
digitally to customers securely.
● Faster onboarding of customers (sometimes in one day).
● Customers able to perform range of functions, adding to
their convenience.
Increased
Number of Digital Services
Faster
Customer Onboarding
WSO2 Products API Manager
USA
53. 53
● Qantas launched the platform in 2018 to speed their
development time, provide multi-channel services, and fuel
business agility.
● Within 12 months of the launch, Qantas experienced
amazing results.
We were able to successfully launch the platform with limited remote trial support. Since then, we have had
excellent support from the WSO2 team through both query support and incident troubleshooting and patching.”
Samuel Purchase, principal engineer API Management Platform at Qantas
Australia
WSO2 Products API Manager
500%
Traffic Increase
½ Cost
for Operations
10x
Published APIs