API Manager Product Roadmap
Updated 1H 2019



  • Developer-first user experience of the microgateway
  • Out-of-the-box support for other authentication and authorization mechanisms over Basic auth and mutual TLS
  • Support for HTTP2
  • Integration with Etcd for service discovery
  • Integration with Consul for service discovery
  • Shared rate limiting with the traffic manager
  • JSON schema validation at the microgateway

API Manager

  • Unified search on the developer portal
  • Enhanced support for API documentation
  • Enhance support for GraphQL by introducing GraphQL specific documentation
  • Enhanced analytics covering more scenarios and robust drill down capabilities
  • Improved support for changing API endpoints based on environmental factors
  • Revamped UX based on React based SPAs and a simplified configuration model
  • Productization of API groups
  • First-class Integration with observability tools such as Prometheus
  • Integration of API Management with service mesh technology
  • Tighter integrations to the Kubernetes ecosystem
  • API Manager with a new architecture for simplified user experience and management, high degrees of scalability and dynamicity and easy customizability and extensions
  • Revocation of self-contained access tokens (JWTs)
  • Extending support for dynamic (third party) gateways via specifying gateway URLs per API
  • Built-in billing
  • Dynamic registration of microgateways on API Management
  • Support for serverless API Gateways
  • Personalization of APIs for API consumers which can be deployed on personal API Gateways (private-jet)
  • Native/Embedded API Management on large scale cloud infrastructures such as Kubernetes
  • API Gateway for event driven microservice communications
  • In-process sidecar API Gateway for Ballerina
  • Additional defenses for attack vectors such as via machine learning, honeypots, etc.


APIs are touching every facet of our society and the underlying trends that are going to generate nearly 1 billion APIs in the coming years. All digital transformation is now API-driven and integration technologies underpin their evolution.

API Management provides full lifecycle management of APIs for a variety of scenarios, whether B2B access, internal development, shared libraries, or monetization. WSO2 has been shipping our offering for 6 years and it has expanded to include a macro and micro gateway, embedded analytics and API identity, and API development tooling.

WSO2 provides a complete set of capabilities that allow our customers to pursue any kind of API strategy. We front-end our offering with our ESB, identity server, and embedded analytics offerings to provide means to digitally transform legacy infrastructure into APIs. And our entire integration stack is open source - as well as available in on-premises, hybrid or cloud offerings.


Our vision for API Management is to help organizations expose their services to internal consumers, external consumers and partners in a secure, controlled and monitored environment. In doing so we want to enable.

  1. API developers - to develop, test, deploy APIs and repeat as easy, flexible and fast as possible on cloud, multi-cloud, hybrid-cloud and on-premise infrastructures.
  2. API product managers - to productize, monetize and manage the lifecycle of APIs and to get deep business insights about API consumer patterns and trends.
  3. Application developers - to search, discover, learn and test APIs and develop applications with ease.
  4. API users - to be able to get access to their data and services in a secure environment which guarantees privacy and confidentiality and enables fair usage to all.
  5. Operation specialists - to be able to easily scale API infrastructures on demand, apply upgrades with ease and easily integrate with CI/CD tools for better operational efficiency.

As the world embraces microservices as the upcoming norm of enterprise architecture, our vision is to enable the surrounding API ecosystem which empowers architects and developers alike to build secure scalable solutions adhering to the principles of microservices.

In doing so the WSO2 API Manager will evolve to seamlessly integrate with service mesh solutions such as Istio, Linkerd, service registries such as etcd, consul and naturally integrate with containers and container orchestration solutions such as Docker, Kubernetes.

Another key objective is to stay focused on the agility of the developer/integrator workflow in this process. With the rise of microservices driving an exponential growth in programmable endpoints, our vision is that API Management needs to better blend into standard service development and management lifecycles.

Finally, we are driving a strategic priority to support cell-based architecture patterns and serverless API gateways to enable short-lived, dynamic APIs and composable customized API gateways.


The content herein is shared in order to outline some of our current product plans but it is important to understand that it is being shared for INFORMATIONAL PURPOSES ONLY, and not as a binding commitment, promise or legal obligation to deliver any material, code or functionality. Any references to the development, release and timing of any products, features or functionality remains at the sole discretion of WSO2. Product capabilities, timeframes and features are subject to change.