×

API Manager

Features

The open source WSO2 API Manager is a complete enterprise-class API management solution that combines easy, managed API access with full API governance and analysis.

Full Lifecycle API Management

  • Manages the complete lifecycle of APIs from creation to retirement.
  • Provides a unified platform for designing, developing, deploying, and monitoring APIs.
  • Enables consistent policy enforcement and governance across the API lifecycle.
  • Facilitates better collaboration and control over API evolution.

API-First Development

  • Design APIs and use a graphical editor to generate the open API specification.
  • Test out APIs with mock backend implementations.
  • JavaScript-based programmable interface for dynamic mocking capabilities.
  • Ensures a clear contract between frontend and backend development teams.
  • Facilitates parallel development by different teams.
  • Leads to more reusable and consistent APIs.

API Security and Rate Limiting

  • Secure access and control how APIs are being consumed through authentication and authorization mechanisms such as OAuth2, API keys, and mutual TLS.
  • Control API consumption through rate-limiting policies applied at various levels (API level, subscription level, backend level, etc.).
  • Protection against abuse and overload with traffic management capabilities.
  • Enable fine-grained access control for different API resources with scopes.
  • Advanced attribute and policy-based access control with OPA and XACML.

Support Async APIs

  • Support for AsyncAPI 2.0.0 specification. Import and export APIs as AsyncAPI documents.
  • Expose WebHooks as managed APIs that comply with the WebSub standard.
  • Efficient management of event streaming endpoints in event-driven systems.
  • Expose event streams and topics as managed APIs via web-friendly protocols such as WebSockets, SSE, and WebSub.
  • Authentication for API access and fine-grained access control on different topics.
  • Rate-limiting policies for asynchronous communication and event streaming.

AI for APIs

  • Generate API definitions with AI.
  • Test APIs using natural language, with AI generating the required test payloads.
  • Generate API documentation using generative AI.
  • Convert human-readable policy documents to machine-readable policies.

Gateway Federation

  • API discovery across third-party API gateways (AWS API Gateway, Azure API Gateway, Kong, and Envoy Gateway).
  • Our connector framework supports bringing your own API gateway.
  • Centralized governance and policy enforcement via a unified control plane.

AI Gateway

  • Regulate and govern AI service consumption across large language models (LLMs) and MCP tools.
  • Centralizes model configuration, policy enforcement, and routing across multiple AI vendors.
  • Apply token-based rate limits, prompt management, and runtime governance for safety and cost control.
  • Gain visibility into model and tool usage with unified analytics and monitoring.
  • Enable consistent security, authorization, and throttling for LLM calls and MCP tool interactions.

APIs for AI

Manage AI Service Subscriptions in WSO2 API Manager:

  • Manage a unified AI API across multiple AI vendors and versions.
  • Centralized management of AI vendor key configurations.
  • Enforce differentiated levels of resource consumption on AI APIs based on rate limits.
  • Dynamically route AI API requests across multiple models within a vendor or across vendors for optimized performance.
  • Obtain insights and track AI API usage statistics.

Govern All Ingress and Egress APIs

  • Enforce security policies on all incoming (ingress) and outgoing (egress) API traffic.
  • Implement governance policies during API creation and throughout their runtime.
  • Control and monitor data flow across organizational boundaries via APIs.
  • Ensure compliance and consistency in managing external and internal API interactions.

Discovery and Usage

  • Control how API consumers find and access APIs.
  • Enable developers to easily explore and understand APIs.
  • Self-service API subscription and key generation.
  • Interactive API documentation and try-out consoles.

Observe and Analyze Usage

  • Obtain actionable insights into API performance and usage trends.
  • Analyze API traffic to identify potential bottlenecks or security risks.
  • Monitor key metrics to understand API adoption and business value.

Monetize APIs and Generate Revenue

  • Supports various pricing models for API usage.
  • Create subscription plans with different tiers and pricing.
  • Track API usage and billing based on defined metrics.
  • Manage and track revenue streams.
Products

API Management

Integration

Identity and Access Management

Internal Developer Platform

Solutions
Resources
Support
Company
Sign Up For Our Newsletter

Follow us

Learn About Security At WSO2