|API Publisher||Provides an end user, collaborative Web interface for API providers to publish APIs, share documentation, provision API keys, and gather feedback on API features, quality and usage. For API Publisher use cases, see API Developer Tutorials.|
|API Store||Provides an end-user, collaborative Web interface for API consumers to self register, discover API functionality, subscribe to APIs, evaluate them and interact with API publishers. For API Store use cases, see Application Developer Tutorials.|
A runtime, back end component (an API proxy) developed using WSO2 ESB. API Gateway secures, protects, manages, and scales API calls. It intercepts API requests, applies policies such as throttling and security using handlers and manages API statistics. Upon validation of a policy, the Gateway passes Web service calls to the actual back end. If the service call is a token request, the Gateway passes it directly to the Key Manager.
|Key Manager||Handles all security and key-related operations. The Gateway connects with the key manager to check the validity of OAuth tokens when APIs are invoked. The key manager also provides a token API to generate OAuth tokens that can be accessed via the Gateway. All tokens used for validation are based on OAuth 2.0.0 protocol. Secure authorization of APIs is provided by the OAuth 2.0 standard for key management. The API Gateway supports API authentication with OAuth 2.0, and enables IT organizations to enforce rate limits and throttling policies. |
When the Gateway receives API invocation calls, it similarly contacts the Key Manager service for verification. If is not enabled at the Gateway level, this verification call happens every time the Gateway receives an API invocation call . For this verification, the Gateway passes access token, API, API version to the Key Manager. Communication between API Gateway and Key Manager happens in either of the following ways:
If your setup has a cluster of multiple Key Manager nodes that are fronted by a WSO2 ELB instance for load balancing, change the key management protocol from Thrift to WSClient using the
When an API is created, a file with its synapse configuration is added to the API Gateway. You can find it in the
Let's see what each handler does:
For a detailed description of handlers and how to write a custom handler, see Writing Custom Handlers.
|Statistics||Additionally, statistics are provided by the monitoring component, which integrates with WSO2 BAM.|