API Manager

WSO2 API Manager

WSO2 API Manager is a complete solution for publishing APIs, creating and managing a developer community and for scalably routing API traffic. It leverages proven, production-ready, integration, security and governance components from the WSO2 Enterprise Service Bus, WSO2 Identity Server, and WSO2 Governance Registry. In addition, as it is also powered by the WSO2 Business Activity Monitor, the WSO2 API Manager is ready for massively scalable deployment immediately.

As with all WSO2 products, the WSO2 API Manager is 100% open source. Designed for easy customization, it is extensively pluggable to integrate with existing infrastructure in your enterprise.


Analyst Reports

The Forrester Wave:API Management Platforms, Q1 2013

White Papers

WSO2 and API Management - A Technical Evaluation Guidewhite Paper - Promoting service reuse within your enterprise and maximizing SOA success


API Manager Comparison Datasheet

Upcoming Events

The Integration Ecosystem

Tuesday, 13th May 2014


API Store

API Publisher


  • Create a Store of all Available APIs:

    • Graphical experience similar to Android Marketplace or Apple App Store.
    • Browse APIs by provider, tags or name.
    • Self-registration to developer community to subscribe to APIs.
    • Subscribe to APIs and manage subscriptions on per-application basis.
    • Subscriptions can be at different service tiers based on expected usage levels.
    • Role based access to API Store; manage public and private APIs.
    • Manage subscriptions at a per-developer level.
    • Browse API documentation, download helpers for easy consumption.
    • Comment on and rate APIs.
    • Forum for discussing API usage issues (Available soon in future version).
    • Try APIs directly on the store front.
    • Internationalization (i18n) support.
  • Publishing and Governing API Use:

    • Publish APIs to external consumers and partners, as well as internal users.
    • Supports publishing multiple protocols including SOAP, REST, JSON and XML style services as APIs.
    • Manage API versions and deployment status by version.
    • Govern the API lifecycle (publish, deprecate, retire).
    • Attach documentation (files, external URLs) to APIs.
    • Apply Security policies to APIs (authentication, authorization).
    • Associate API available to system defined service tiers.
    • Provision and Manage API keys.
    • Track consumers per API.
    • One-click deployment to API Gateway for immediate publishing.
  • Route API Traffic:

    • Supports API authentication with OAuth2.
    • Extremely high performance pass-through message routing with sub-millisecond latency.
    • Enforce rate limiting and throttling policies for APIs by consumer.
    • Horizontally scalable with easy deployment into cluster using proven routing infrastructure.
    • Scales to millions of developers/users.
    • Capture all statistics and push to pluggable analytics system.
    • Configure API routing policies with capabilities of WSO2 Enterprise Service Bus.
    • Powered by WSO2 Enterprise Service Bus.
  • Manage Developer Community:

    • Self-sign up for API consumption.
    • Manage user account including password reset.
    • Developer interaction with APIs via comments and ratings.
    • Support for developer communication via forums (Available soon in future version).
    • Powered by WSO2 Identity Server.
  • Govern Complete API Lifecycle:

    • Manage API lifecycle from cradle to grave: create, publish, block, deprecate and retire.
    • Publish both production and sandbox keys for APIs to enable easy developer testing.
    • Publish APIs to partner networks such as ProgrammableWeb (Available soon in future version).
    • Powered by WSO2 Governance Registry.
  • Monitor API Usage & Performance:

    • All API usage published to pluggable analytics framework.
    • Out of the box support for WSO2 Business Activity Monitor and Google Analytics.
    • View metrics by user, API and more.
    • Customized reporting via plugging reporting engines.
    • Monitor SLA compliance.
    • Powered by WSO2 Business Activity Monitor.
  • Pluggable, Extensible & Themeable:

    • All components are highly customizable thru styling, theming and open source code.
    • Storefront implemented with Jaggery (jaggeryjs.org) for easy customization.
    • Pluggable to third party analytics systems and billing systems (Available soon in future version).
    • Pluggable to existing user stores including via JDBC and LDAP.
    • Components usable separately - storefront can be used to front APIs gatewayed via third party gateways such as Intel Expressway Service Gateway.
  • Easily Deployable in Enterprise Setting:

    • Role based access control for managing users and their authorization levels.
    • Store front can be deployed in DMZ for external access with Publisher inside the firewall for private control.
    • Different user stores for developer focused store-front and internal operations in publisher.
    • Integrates with enterprise identity systems including LDAP and Microsoft Active Directory.
    • Gateway can be deployed in DMZ with controlled access to WSO2 Identity Server (for authentication/authorization) and governance database behind firewall.
  • Support for creating multi-tenanted APIs

    • Run a single instance and provide API Management to multiple customers
    • Share APIs between different departments in a large enterprise
  • Pluggable, Extensible & Themeable

    • Support for Single Sign On (SSO) using SAML 2.0 for easy integration with existing web apps
  • Publishing and Governing API Use

    • Document an API using Swagger
    • Restrict API Access tokens to domains/IPs
    • Ability to block a subscription & restricting a complete application
    • Ability to revoke access tokens
    • Separate validity period configuration for Application Access Token
    • OAuth2 Authorization Code Grant Type Support
    • Configuring execution point of mediation extensions
  • Monitor API Usage & Performance

    • Improved dashboard for monitoring usage statistics (Filtering data for a date range, More visually appealing widgets)