webMethods API Gateway overview
webMethods API Gateway enables an organization to securely expose APIs to external developers, partners, and other consumers for use in building their own applications on their wanted platforms.
webMethods API Gateway provides a dedicated, web-based user interface. This interface provides you to perform all the administration and API related tasks. This task includes creating APIs, defining and activating policies, creating applications, and consuming APIs. webMethods API Gateway gives you rich dashboard capabilities for API Analytics.
APIs created in webMethods API Gateway can also be published to Developer Portal for external facing developers' consumption. webMethods API Gateway supports REST-based APIs and SOAP-based APIs, provides protection from malicious attacks, provides a complete runtime governance of APIs, and information about gateway-specific events and API-specific events.
webMethods API Gateway features
webMethods API Gateway provides these key features:
- Support for REST APIs and SOAP APIs
- webMethods API Gateway supports REST-based APIs and SOAP-based APIs. This support enables organizations to use their current investments in SOAP-based APIs, adopting REST for new APIs. The SOAP to REST transformation feature enables an API provider to expose parts of the SOAP API or expose the complete SOAP API with RESTful interface. webMethods API Gateway enables customization of how SOAP operations are exposed as REST resources.
- Secure APIs
- webMethods API Gateway protects APIs from malicious attacks that are initiated externally with client applications. Administrators can secure traffic between API consumer requests and webMethods API Gateway services, by filtering requests from specific IP addresses. They can blocklist certain IP addresses. They can also detect and filter requests from particular mobile devices.
- Policy enforcement
- webMethods API Gateway provides complete run-time governance of APIs. webMethods API Gateway enforces access tokens,
such as API key checks and OAuth2 tokens. It also enforces operational policies, such as security
policies, for run-time requests between applications and native services.
API providers can enforce security, traffic management, monitoring, and SLA management policies, can transform requests and responses into expected formats, and collect events metrics on API consumption and policy evaluation. API policies can be defined globally and applied to a set of APIs. With API Gateway, you can also define policy templates that can be applied across APIs.
- Mediation
- webMethods API Gateway provides routing policies such as content-based, and context-based, for run-time requests between applications and native services. These policies perform routing and load balancing of incoming requests to an API.
- Message transformation
- webMethods API Gateway configures an API and to transform the request and response messages to suit your requirements. You can specify an XSLT file to transform messages during the mediation process. You can also configure an API to invoke Integration Server services to pre-process or post-process the request or response messages.
- Easy discovery and testing of APIs
- webMethods API Gateway provides filter capabilities to quickly find APIs of interest. API descriptions and more documentation provide more details to developers. Usage examples and information about policies that are enforced at the API level help developers decide whether to adopt a particular API. Developers can use the provided samples and expected error and return codes to see how the API works.
- Clustering support
- Multiple instances of webMethods API Gateway can be clustered together to provide scalability and high availability.
- Built-in usage analytics
- webMethods API Gateway provides information about Gateway-specific events and API-specific events, details about which APIs are more popular than others. The Gateway-specific events information is available by way of dashboards to users. With this information, providers can understand how their APIs are being used, which in turn can help identify ways of improving their users' experience and increase API adoption.
- Packages and Plans
- webMethods API Gateway provides capabilities to create and manage packages and plans. It helps the API providers in providing tiered access to their APIs to allow different service levels and pricing plans. Users can view the details of the package, such as included APIs and associated plans. Plans provide information about pricing and quality of service terms that are defined within them. Consumers can subscribe to any plan available under the package, based on their business needs.
- Functional Privileges
- webMethods API Gateway assigns functional privileges to a user or group (LDAP or local) using teams. The functional privileges are grouped to form a team, which is associated to a group. Functional privilege must be assigned to perform any of the key webMethods API Gateway features.
- API Mashups
- webMethods API Gateway consolidates services and expose them as a single service. You can create API mashups that extend an API operation by grouping it with other API operations available in API Gateway.