Skip to main content

How to manage API development teams with WSO2 API Manager

WSO2 API Manager recently added a feature to control the visibility and the management of the API publisher interface which allows multiple teams within a same organization to independently develop their APIs without allowing others to edit or modify APIs. Even though separate teams can achieve the same (or higher) level of isolation through multi tenancy, it is not a viable option for most user scenarios where they need to expose APIs through the same tenant without dealing with the tenant level complexities.
The basic requirement to achieve team level isolation is to create a role per team with necessary permissions to create and publish APIs. You can do this by log in to the WSO2 API manager carbon console (https://localhost:9443/carbon) and then creating a role for team1 and then assigning API creation and publishing permissions.
 
 
 
 
 
 
 
 
 
 
 
 
 
View user roles created within the API manager
 
 
 
 
 
 
 
 
 
 
 
 
 
Permission assignment to role created for team1
Once this role is created, the team members related to team1 can be assigned to this role. Once we do that, APIs created by any of the team member of team1 can select the team1 role as the Access control→Restricted by roles option of publisher when creating the APIs so that the API can only be visible in the publisher portal to any other team members in the same team only (+admin).
 
 
 
 
 
 
 
 
 
 
 
 
 
API publisher access control
If the team members in another team (group) creates an API, those APIs will not be visible to the members of the team1 within the publisher portal (if they follow the same steps mentioned above). This will make the team level isolation during the API development time.
Even though these APIs are not visible within the publisher portal, the visibility on the Store portal can be different. When the API is created, user can select the visibility level at the store. That can be done at
  • Role based
  • Tenant domain based
  • Public
Depending on the selected visibility level of the Store side, other team members might also be able to view the API within the store. But they cannot modify the API since it is not visible at the publisher side.
Using this method, an organization can easily manage their multiple API development teams without interfering with each other. This feature is available with API Manager 2.1.0 latest updates.

Labels:

Comments

Post a Comment

Popular posts from this blog

WSO2 ESB tuning performance with threads

I have written several blog posts explaining the internal behavior of the ESB and the threads created inside ESB. With this post, I am talking about the effect of threads in the WSO2 ESB and how to tune up threads for optimal performance. You can refer [1] and [2] to understand the threads created within the ESB. [1] http://soatutorials.blogspot.com/2015/05/understanding-threads-created-in-wso2.html [2] http://wso2.com/library/articles/2012/03/importance-performance-wso2-esb-handles-nonobvious/ Within this blog post, I am discussing about the "worker threads" which are used for processing the data within the WSO2 ESB. There are 2 types of worker threads created when you start sending the requests to the server 1) Server Worker/Client Worker Threads 2) Mediator Worker (Synapse-Worker) Threads Server Worker/Client Worker Threads These set of threads will be used to process all the requests/responses coming to the ESB server. ServerWorker Threads will be used to pr
4 comments
Read more

How puppet works in your IT infrstructure

What is Puppet? Puppet is IT automation software that helps system administrators manage infrastructure throughout its lifecycle, from provisioning and configuration to orchestration and reporting. Using Puppet, you can easily automate repetitive tasks, quickly deploy critical applications, and proactively manage change, scaling from 10s of servers to 1000s, on-premise or in the cloud. How the puppet works? It works like this..Puppet agent is a daemon that runs on all the client servers(the servers where you require some configuration, or the servers which are going to be managed using puppet.) All the clients which are to be managed will have puppet agent installed on them, and are called nodes in puppet. Puppet Master: This machine contains all the configuration for different hosts. Puppet master will run as a daemon on this master server. Puppet Agent: This is the daemon that will run on all the servers, which are to be managed using p
7 comments
Read more

How to configure timeouts in WSO2 ESB to get rid of client timeout errors

WSO2 ESB has defined some configuration parameters which controls the timeout of a particular request which is going out of ESB. In a particular  scneario, your client sends a request to ESB, and then ESB sends a request to another endpoint to serve the request. CLIENT->WSO2 ESB->BACKEND The reason for clients getting timeout is that ESB timeout is larger than client's timeout. This can be solved by either increasing the timeout at client side or by decreasing the timeout in ESB side. In any of the case, you can control the timeout in ESB using the below properties. 1) Global timeout defined in synapse.properties (ESB_HOME\repository\conf\) file. This will decide the maximum time that a callback is waiting in the ESB for a response for a particular request. If ESB does not get any response from Back End, it will drop the message and clears out the call back. This is a global level parameter which affects all the endpoints configured in ESB. synapse.global_timeout_inte
3 comments
Read more