Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Readme update proposal #13611

Closed
wants to merge 3 commits into from
Closed

Readme update proposal #13611

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
0893584
initial changes
isamauny Dec 11, 2024
b710870
applied draft format
isamauny Dec 11, 2024
9967a44
fix badges
Dec 11, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
311 changes: 61 additions & 250 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,289 +1,100 @@
<img src="https://wso2.cachefly.net/wso2/sites/all/image_resources/wso2-branding-logos/wso2-logo.png" alt="WSO2 logo" width=50% height=50% />

# WSO2 API Manager


[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
[![stackoverflow](https://img.shields.io/badge/Get%20Support%20on%20Stack%20Overflow-wso2am-orange)](https://stackoverflow.com/tags/wso2-am/)
[![Join the community on Discord](https://img.shields.io/badge/Join%20us%20on%20Discord-wso2--apim-blueviolet)](https://discord.com/invite/wso2)

---

WSO2 API Manager is a complete platform for building, integrating, and exposing your digital services as managed APIs in the cloud, on-premise, and hybrid architectures to drive your digital transformation strategy.

[![Build Status](https://wso2.org/jenkins/job/products/job/product-apim/badge/icon)](https://wso2.org/jenkins/job/products/job/product-apim/)
[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
[![stackoverflow](https://img.shields.io/badge/stackoverflow-wso2am-orange)](https://stackoverflow.com/tags/wso2-am/)
[![slack](https://img.shields.io/badge/slack-wso2--apim-blueviolet)](https://join.slack.com/t/wso2-apim/shared_invite/enQtNzEzMzk5Njc5MzM0LTgwODI3NmQ1MjI0ZDQyMGNmZGI4ZjdkZmI1ZWZmMjNkY2E0NmY3ZmExYjkxYThjNzNkOTU2NWJmYzM4YzZiOWU?src=sidebar)
It allows API developers to design, publish, and manage the lifecycle of APIs and API product managers to create API products from one or more APIs.

---
To learn more about WSO2 API Manager please visit https://wso2.com/products/api-manager.

> If you run your workloads on Kubernetes, we recommend you check our specific solution for the Kubernetes platform https://wso2.com/api-platform-for-k8s/
>

WSO2 API Manager (WSO2 API-M) is a powerful platform for creating, managing, consuming, and
monitoring web APIs. It combines tried and tested SOA best practices with modern
day API management principles to solve a wide range of enterprise challenges
associated with API provisioning, governance, and integration.
# Why WSO2 API Manager?

WSO2 API Manager consists of several loosely coupled modules.
From simple scenarios to comprehensive protocol support, WSO2 API Manager can handle it all. Use industry standards or extend our platform to integrate with your existing business needs, applications, and architectures. Tailor it to your exact use case, whether that means customizing the user interface, mediation, security, or integrating third-party solutions.

* API Publisher
* API Developer Portal
* API Gateway
* API Key Manager
* API Traffic Manager
### Interoperability with Open Standards

* Achieve seamless interoperability between diverse systems without vendor lock-in, utilizing modern approaches with REST, GraphQL, and AsyncAPIs.
* Unlock collaborative innovation, long-term sustainability, enhanced security, and regulatory compliance.
* Strategically adopt modern service delivery and development paradigms without leaving behind the legacy systems that made you successful in the first place.

The API publisher module allows API publishers to easily define APIs and manage them
using a strong governance model that consists of well-established concepts such as,
versioning and lifecycles. API consumers can use the API Developer Portal to discover
published, production-ready APIs and access them in a secure and reliable manner
using unique API keys. The built-in API Gateway module provides powerful tools to
secure and control the load on individual APIs.
### Advanced Integration Support

WSO2 API Manager is based on the revolutionary WSO2 Carbon [Middleware a' la carte]
framework. All the major features have been developed as reusable Carbon
components.
The integration runtime supports creating composite microservices, message routing, transformation, message mediation, service orchestration, as well as consuming and processing streaming data.

To learn more about WSO2 API Manager please visit http://wso2.com/products/api-manager.
### Extensibility and Customizability

Key Features
WSO2 API Manager is a versatile and adaptable platform, capable of catering to the requirements of enterprises of all sizes, ranging from emerging startups to well-established businesses with decades of history. It presents user-friendly extension opportunities to tailor authenticators, policies, mediations, API lifecycles, workflows, portals, and login pages to your specific needs.

Getting Started
=============
<details>
<summary>Design and Prototype APIs</summary>

- Design APIs, gather developer's feedback before implementing (API First Design).
- Design can be done from the publishing interface or by importing an existing Swagger definition.
- Deploy a prototyped API, provide early access to APIs, and get early feedback.
- Mock API implementation using Javascript.
- Support publishing SOAP, REST, JSON, and XML style services as XML.
</details>


<details>
<summary>Create a Developer Portal of All the Available APIs</summary>

- Graphical experience similar to Android Marketplace or Apple App Store.
- Browse APIs by provider, tags, or name.
- Self-registration to developer community to subscribe to APIs.
- Subscribe to APIs and manage subscriptions on per-application basis.
- Subscriptions can be at different service tiers based on the expected usage levels.
- Role based access to API Developer Portal, which helps to manage public and private APIs.
- Manage subscriptions per-developer.
- Browse API documentation, download helpers for easy consumption.
- Comment on and rate APIs.
- Forum for discussing API usage issues (Available soon in a future version).
- Try APIs directly on the Developer Portal.
- Internationalization (i18n) support.
</details>

<details>
<summary>Publishing and Governing API use</summary>

- Publish APIs to external consumers and partners, as well as internal users.
- Supports publishing multiple protocols including SOAP, REST, JSON, and XML style services as APIs.
- Manage API versions and deployment status by version.
- Govern the API lifecycle (publish, deprecate, retire).
- Attach documentation (files, external URLs) to APIs.
- Provision and Manage API keys.
- Track consumers per API.
- One-click deployment to API Gateway for immediate publishing.
</details>

<details>
<summary>Control Access and Enforce Security</summary>

- Apply Security policies to APIs (authentication and authorization).
- Rely on OAuth2 standard for API access (implicit, authorization code, client, SAML, IWA Grant type).
- Restrict API access tokens to domains/IPs.
- Block a subscription and restrict a complete application.
- Associate API available to system defined service tiers.
- Leverage XACML for entitlements management and fine grained authorization.
- Configure Single Sign-On (SSO) using SAML 2.0 for easy integration with existing web apps.
- Powered by WSO2 Enterprise Service Bus (WSO2 ESB).
</details>

<details>
<summary>Route API Traffic</summary>

- Supports API authentication with OAuth2.
- Extremely high performance pass-through message routing with sub-millisecond latency.
- Enforce rate limiting and throttling policies for APIs by consumer.
- Horizontally scalable with easy deployment into cluster using proven routing infrastructure.
- Scales to millions of developers/users.
- Capture all statistics and push to pluggable analytics system.
- Configure API routing policies with capabilities of WSO2 Enterprise Service Bus.
- Powered by WSO2 Enterprise Service Bus.
</details>

<details>
<summary>Manage Developer Community</summary>

- Self-sign up for API consumption.
- Manage user account including resetting password.
- Developer interaction with APIs via comments and ratings.
- Support for developer communication via forums (Available soon in a future version).
- Powered by WSO2 Identity Server (WSO2 IS).
</details>

<details>
<summary>Govern Complete API Lifecycle</summary>

- Manage API lifecycle from cradle to grave: create, publish, block, deprecate, and retire.
- Publish both production and sandbox keys for APIs to enable easy developer testing.
- Publish APIs to partner networks such as ProgrammableWeb (Available soon in a future version).
- Powered by WSO2 Governance Registry (WSO2 G-Reg).
</details>

<details>
<summary>Monitor API Usage and Performance</summary>

- All API usage published to pluggable analytics framework.
- Out-of-the-box support for the WSO2 Analytics Platform and Google Analytics.
- View metrics by user, API, and more.
- Customized reporting via plugging reporting engines.
- Monitor SLA compliance.
- Powered by WSO2 Data Analytics Server (WSO2 DAS).
</details>

<details>
<summary>Pluggable, Extensible, and Themeable</summary>

- All components are highly customizable through styling, theming, and open source code.
- Developer Portal implemented with React.
- Pluggable to third-party analytics systems and billing systems (Available soon in a future version).
- Pluggable to existing user stores including JDBC and LDAP.
- Components usable separately.
- Developer Portal can be used to front APIs that are routed through third-party gateways such as, Intel Expressway Service Gateway.
- Support for Single Sign On (SSO) using SAML 2.0 for easy integration with existing web apps.
</details>

<details>
<summary>Easily Deployable in Enterprise Settings</summary>

- Role based access control (RBAC) for managing users and their authorization levels.
- Developer Portal can be deployed in DMZ for external access with the Publisher inside the firewall for private control.
- Different user stores for developer focused Developer Portal and internal operations in the publisher.
- Integrates with enterprise identity systems including LDAP and Microsoft Active Directory.
- Gateway can be deployed in DMZ with controlled access to WSO2 Identity Server (for authentication/authorization) and governance database behind a firewall.
</details>

<details>
<summary>Support for Creating Multi-tenanted APIs</summary>

- Run a single instance and provide API Management to multiple customers.
- Share APIs between different departments in a large enterprise.
</details>

<details>
<summary>Publishing and Governing API Use</summary>

- Document an API using Swagger.
- Restrict API access tokens to domains/IPs.
- Ability to block a subscription and restricting a complete application.
- Ability to revoke access tokens.
- Separate validity period configuration for application access token.
- OAuth2 authorization code grant type support.
- Configuring execution point of mediation extensions.
</details>

<details>
<summary>Monitor API Usage and Performance</summary>

- Improved dashboard for monitoring usage statistics (Filtering data for a date range, More visually appealing widgets).

</details>


System Requirements
==================================

1. Minimum memory - 2GB
2. Processor - Pentium 800MHz or equivalent at minimum
3. Java 11 or higher
4. The Management Console requires you to enable Javascript of the Web browser,
with MS IE 7. In addition to JavaScript, ActiveX should also be enabled
with IE. This can be achieved by setting your security level to
medium or lower.
5. Apache Ant is required to compile and run the sample clients. Apache Ant 1.7.0
version is recommended.
6. To build WSO2 API Manager from the source distribution, it is necessary that you have
JDK 11 and Maven 3.0.4 or later.

Installation & Running
==================================
## System prerequisites

1. Extract the wso2am-4.4.0.zip and go to the 'bin' directory
2. Run the api-manager.sh or api-manager.bat script based on you operating system.
3. Access the respective WSO2 API-M interfaces
* API Publisher web application is running at - https://localhost:9443/publisher \
You may sign in to the Publisher using the default administrator credentials (username: admin, password: admin).
* Developer Portal web application is running at - https://localhost:9443/devportal \
You may sign in to the Developer Portal using the default administrator credentials (username: admin, password: admin).
Refer to this page to consult pre-requisites based on your target architecture and operating system: https://apim.docs.wso2.com/en/latest/install-and-setup/install/installation-prerequisites/

Documentation
==============
Installation
----------------------------------

Online product documentation is available at:
https://apim.docs.wso2.com/en/latest/
1. This product requires a JDK to run. We support JDK from v17 through v21. Check our [supported JDKs](https://apim.docs.wso2.com/en/latest/install-and-setup/setup/reference/product-compatibility/#tested-operating-systems-and-jdks) documentation for a complete list.
2. Make sure you have set the `JAVA_HOME` environment variable to point to your JDK. See [this documentation](https://apim.docs.wso2.com/en/latest/install-and-setup/install/installing-the-product/installing-api-m-runtime/#setting-up-java_home) if you need help doing so.
3. Extract the wso2am-4.4.0.zip and go to the 'bin' directory
4. Run the api-manager.sh or api-manager.bat script based on your operating system.
5. Access the respective WSO2 API-M interfaces
* **API Publisher** web application is running at: https://localhost:9443/publisher.
You may sign in to the Publisher using the default administrator credentials (username: admin, password: admin).
* **Developer Portal** web application is running at: - https://localhost:9443/devportal \
You may sign in to the Developer Portal using the default administrator credentials (username: admin, password: admin).

Support
==================================
## Exposing your first API

WSO2 Inc. offers a variety of development and production support
programs, ranging from Web-based support up through normal business
hours, to premium 24x7 phone support.
Follow our [Quick Start guide ](https://apim.docs.wso2.com/en/latest/get-started/api-manager-quick-start-guide/) to expose and test your first API while getting familiar with our API publisher and developer portal interfaces.

For additional support information please refer to http://wso2.com/support
Documentation
==============

For more information on WSO2 API Manager please visit https://wso2.com/api-management/
Online product documentation is available at: https://apim.docs.wso2.com/en/latest/

Survey On Open Source Community Communication
==================================
# Reporting Product Issues

WSO2 wants to learn more about our open source software (OSS) community and your communication preferences to serve you better.
All known issues of WSO2 API Manager are filed at: https://github.com/wso2/api-manager/issues. Please check this list before opening a new issue.

In addition, we may reach out to a small number of respondents to ask additional questions and offer a small gift.
Opening an issue
----------------------------------

Link to survey: https://forms.gle/h5q4M3K7vyXba3bK6
Help us make our software better! Submit any bug reports or feature requests through GitHub: https://github.com/wso2/api-manager/issues.

### Reporting Security Issues

Known Issues of WSO2 API Manager
==================================
Please **do not** report security issues via GitHub issues. Instead, follow the [WSO2 Security Vulnerability Reporting Guidelines](https://security.docs.wso2.com/en/latest/security-reporting/vulnerability-reporting-guidelines/).

All known issues of WSO2 API Manager are filed at:

* https://github.com/wso2/api-manager/issues
# Community Support

Issue Tracker
==================================
You can ask for help on [Stack Overflow](https://stackoverflow.com/questions/tagged/wso2-micro-integrator) and join our community on [Discord](https://discord.gg/wso2).

Help us make our software better. Please submit any bug reports or feature
requests through GitHub:
# Commercial Support

https://github.com/wso2/api-manager/issues
You can take advantage of a WSO2 on-prem product subscription for the full range of software product benefits needed in your enterprise, like expert support, continuous product updates, vulnerability monitoring, and access to the licensed distribution for commercial use.

To learn more, check [WSO2 Subscription](https://wso2.com/subscription/).

Crypto Notice
Can you fill this survey ?
==================================

This distribution includes cryptographic software. The country in
which you currently reside may have restrictions on the import,
possession, use, and/or re-export to another country, of
encryption software. BEFORE using any encryption software, please
check your country's laws, regulations and policies concerning the
import, possession, or use, and re-export of encryption software, to
see if this is permitted. See <http://www.wassenaar.org/> for more
information.

The U.S. Government Department of Commerce, Bureau of Industry and
Security (BIS), has classified this software as Export Commodity
Control Number (ECCN) 5D002.C.1, which includes information security
software using or performing cryptographic functions with asymmetric
algorithms. The form and manner of this Apache Software Foundation
distribution makes it eligible for export under the License Exception
ENC Technology Software Unrestricted (TSU) exception (see the BIS
Export Administration Regulations, Section 740.13) for both object
code and source code.

The following provides more details on the included cryptographic
software:

* Apache Rampart : http://ws.apache.org/rampart/
* Apache WSS4J : http://ws.apache.org/wss4j/
* Apache Santuario : http://santuario.apache.org/
* Bouncycastle : http://www.bouncycastle.org/
WSO2 wants to learn more about our open source software (OSS) community and your communication preferences to serve you better.

In addition, we may reach out to a small number of respondents to ask additional questions and offer a small gift.

Survey is available at: https://forms.gle/h5q4M3K7vyXba3bK6

--------------------------------------------------------------------------------
(c) Copyright 2020 WSO2 Inc.
(c) Copyright 2024 WSO2 Inc.
Loading