Skip to main content

How to manage API development teams with WSO2 API Manager

WSO2 API Manager recently added a feature to control the visibility and the management of the API publisher interface which allows multiple teams within a same organization to independently develop their APIs without allowing others to edit or modify APIs. Even though separate teams can achieve the same (or higher) level of isolation through multi tenancy, it is not a viable option for most user scenarios where they need to expose APIs through the same tenant without dealing with the tenant level complexities.
The basic requirement to achieve team level isolation is to create a role per team with necessary permissions to create and publish APIs. You can do this by log in to the WSO2 API manager carbon console (https://localhost:9443/carbon) and then creating a role for team1 and then assigning API creation and publishing permissions.
 
 
 
 
 
 
 
 
 
 
 
 
 
View user roles created within the API manager
 
 
 
 
 
 
 
 
 
 
 
 
 
Permission assignment to role created for team1
Once this role is created, the team members related to team1 can be assigned to this role. Once we do that, APIs created by any of the team member of team1 can select the team1 role as the Access control→Restricted by roles option of publisher when creating the APIs so that the API can only be visible in the publisher portal to any other team members in the same team only (+admin).
 
 
 
 
 
 
 
 
 
 
 
 
 
API publisher access control
If the team members in another team (group) creates an API, those APIs will not be visible to the members of the team1 within the publisher portal (if they follow the same steps mentioned above). This will make the team level isolation during the API development time.
Even though these APIs are not visible within the publisher portal, the visibility on the Store portal can be different. When the API is created, user can select the visibility level at the store. That can be done at
  • Role based
  • Tenant domain based
  • Public
Depending on the selected visibility level of the Store side, other team members might also be able to view the API within the store. But they cannot modify the API since it is not visible at the publisher side.
Using this method, an organization can easily manage their multiple API development teams without interfering with each other. This feature is available with API Manager 2.1.0 latest updates.

Labels:

Comments

Post a Comment

Popular posts from this blog

How to setup an WSO2 API manager distributed setup with a clustered gateway with WSO2 ELB

In this blog post I am going to describe about how to configure a WSO2 API Manager in a distributed setup with a clustered gateway with WSO2 ELB and the WSO2 G-REG for a distributed deployment in your production environment. Before continuing with this post, you need to download the above mentioned products from the WSO2 website. WSO2 APIM - http://wso2.com/products/api-manager/ WSO2 ELB - http://wso2.com/products/elastic-load-balancer/ Understanding the API Manager architecture API Manager uses the following four main components: Publisher Creates and publishes APIs Store Provides a user interface to search, select, and subscribe to APIs Key Manager Used for authentication, security, and key-related operations Gateway Responsible for securing, protecting, managing, and scaling API calls Here is the deployment diagram that we are going to configure. In this setup, you have 5 APIM nodes with 2 gateway...
2 comments
Read more

How puppet works in your IT infrstructure

What is Puppet? Puppet is IT automation software that helps system administrators manage infrastructure throughout its lifecycle, from provisioning and configuration to orchestration and reporting. Using Puppet, you can easily automate repetitive tasks, quickly deploy critical applications, and proactively manage change, scaling from 10s of servers to 1000s, on-premise or in the cloud. How the puppet works? It works like this..Puppet agent is a daemon that runs on all the client servers(the servers where you require some configuration, or the servers which are going to be managed using puppet.) All the clients which are to be managed will have puppet agent installed on them, and are called nodes in puppet. Puppet Master: This machine contains all the configuration for different hosts. Puppet master will run as a daemon on this master server. Puppet Agent: This is the daemon that will run on all the servers, which are to be managed using p...
7 comments
Read more

WSO2 ESB tuning performance with threads

I have written several blog posts explaining the internal behavior of the ESB and the threads created inside ESB. With this post, I am talking about the effect of threads in the WSO2 ESB and how to tune up threads for optimal performance. You can refer [1] and [2] to understand the threads created within the ESB. [1] http://soatutorials.blogspot.com/2015/05/understanding-threads-created-in-wso2.html [2] http://wso2.com/library/articles/2012/03/importance-performance-wso2-esb-handles-nonobvious/ Within this blog post, I am discussing about the "worker threads" which are used for processing the data within the WSO2 ESB. There are 2 types of worker threads created when you start sending the requests to the server 1) Server Worker/Client Worker Threads 2) Mediator Worker (Synapse-Worker) Threads Server Worker/Client Worker Threads These set of threads will be used to process all the requests/responses coming to the ESB server. ServerWorker Threads will be used to pr...
5 comments
Read more