Skip to main content

How to manage API development teams with WSO2 API Manager

WSO2 API Manager recently added a feature to control the visibility and the management of the API publisher interface which allows multiple teams within a same organization to independently develop their APIs without allowing others to edit or modify APIs. Even though separate teams can achieve the same (or higher) level of isolation through multi tenancy, it is not a viable option for most user scenarios where they need to expose APIs through the same tenant without dealing with the tenant level complexities.
The basic requirement to achieve team level isolation is to create a role per team with necessary permissions to create and publish APIs. You can do this by log in to the WSO2 API manager carbon console (https://localhost:9443/carbon) and then creating a role for team1 and then assigning API creation and publishing permissions.
 
 
 
 
 
 
 
 
 
 
 
 
 
View user roles created within the API manager
 
 
 
 
 
 
 
 
 
 
 
 
 
Permission assignment to role created for team1
Once this role is created, the team members related to team1 can be assigned to this role. Once we do that, APIs created by any of the team member of team1 can select the team1 role as the Access control→Restricted by roles option of publisher when creating the APIs so that the API can only be visible in the publisher portal to any other team members in the same team only (+admin).
 
 
 
 
 
 
 
 
 
 
 
 
 
API publisher access control
If the team members in another team (group) creates an API, those APIs will not be visible to the members of the team1 within the publisher portal (if they follow the same steps mentioned above). This will make the team level isolation during the API development time.
Even though these APIs are not visible within the publisher portal, the visibility on the Store portal can be different. When the API is created, user can select the visibility level at the store. That can be done at
  • Role based
  • Tenant domain based
  • Public
Depending on the selected visibility level of the Store side, other team members might also be able to view the API within the store. But they cannot modify the API since it is not visible at the publisher side.
Using this method, an organization can easily manage their multiple API development teams without interfering with each other. This feature is available with API Manager 2.1.0 latest updates.

Comments

Post a Comment

Popular posts from this blog

How to configure timeouts in WSO2 ESB to get rid of client timeout errors

WSO2 ESB has defined some configuration parameters which controls the timeout of a particular request which is going out of ESB. In a particular  scneario, your client sends a request to ESB, and then ESB sends a request to another endpoint to serve the request. CLIENT->WSO2 ESB->BACKEND The reason for clients getting timeout is that ESB timeout is larger than client's timeout. This can be solved by either increasing the timeout at client side or by decreasing the timeout in ESB side. In any of the case, you can control the timeout in ESB using the below properties. 1) Global timeout defined in synapse.properties (ESB_HOME\repository\conf\) file. This will decide the maximum time that a callback is waiting in the ESB for a response for a particular request. If ESB does not get any response from Back End, it will drop the message and clears out the call back. This is a global level parameter which affects all the endpoints configured in ESB. synapse.global_timeout_inte

Understanding Threads created in WSO2 ESB

WSO2 ESB is an asynchronous high performing messaging engine which uses Java NIO technology for its internal implementations. You can find more information about the implementation details about the WSO2 ESB’s high performing http transport known as Pass-Through Transport (PTT) from the links given below. [1] http://soatutorials.blogspot.com/2015/05/understanding-wso2-esb-pass-through.html [2] http://wso2.com/library/articles/2013/12/demystifying-wso2-esb-pass-through-transport-part-i/ From this tutorial, I am going to discuss about various threads created when you start the ESB and start processing requests with that. This would help you to troubleshoot critical ESB server issues with the usage of a thread dump. You can monitor the threads created by using a monitoring tool like Jconsole or java mission control (java 1.7.40 upwards). Given below is a list of important threads and their stack traces from an active ESB server.  PassThroughHTTPSSender ( 1 Thread )

How puppet works in your IT infrstructure

What is Puppet? Puppet is IT automation software that helps system administrators manage infrastructure throughout its lifecycle, from provisioning and configuration to orchestration and reporting. Using Puppet, you can easily automate repetitive tasks, quickly deploy critical applications, and proactively manage change, scaling from 10s of servers to 1000s, on-premise or in the cloud. How the puppet works? It works like this..Puppet agent is a daemon that runs on all the client servers(the servers where you require some configuration, or the servers which are going to be managed using puppet.) All the clients which are to be managed will have puppet agent installed on them, and are called nodes in puppet. Puppet Master: This machine contains all the configuration for different hosts. Puppet master will run as a daemon on this master server. Puppet Agent: This is the daemon that will run on all the servers, which are to be managed using p