In this community call, we will discuss the highlights of WSO2 API Manager 4.0 including - Why we moved from WSO2 API Manager 3.2.0 to 4.0.0. - New architectural changes - Overview of the new features with a demo - Improvements to the existing features and deprecated features Recording: https://youtu.be/_ks4zEeRFdk Sign up to get notified of future calls: https://bit.ly/373f4ae WSO2 API Manager Community Channels: - Slack: https://apim-slack.wso2.com - Twitter: https://twitter.com/wso2apimanager

1. WSO2 API Manager Community call
Highlights of WSO2 API Manager 4.0.0
June 30th, 2021
Sarangan Janakan
Software Engineer

2. WSO2 API
Manager
2
WSO2 API Manager is a complete platform for building, integrating, and
exposing your digital services as managed APIs in the cloud,
on-premises, and hybrid environments.
Highlights
● Powerful Graphical / CLI tooling.
● End-to-end API Lifecycle
Management.
● Real-time access to API usage.
● Easily and securely expose APIs.
● Enable design and runtime
governance.

3. WSO2 Enterprise
Integrator
3
An open-source, cloud-native, distributed, hybrid integration
platform for integrating APIs, and data using microservices,
cloud-native or centralized ESB style architectures.
Highlights
● Microservices Integration.
● Enterprise Service Bus.
● Integration Connectors.
● Monitoring.
● Visual Tooling .

4. WSO2 Streaming
Integrator
4
An open-source, stream flow designer and a stream processing engine
to perform strong monitoring and analytics functions and connect and
realize event-driven architectures with distributed streaming systems
Highlights
● Microservices Integration.
● Large File Processing with MFT.
● Streaming ETL with CDC.
● Event Stream Integration.
● Real-Time APIs.
● Visual Tooling .

5. Rationale behind upgrading WSO2 API Manager to 4.0.0
5
● An API-led Integration
⦿ Omnichannel experience in exposing integration services and streams as APIs.
Start with API management...
Start with API management...
API Manager
Micro Integrator
Streaming Integrator
APIM 4.0.0 Runtime
Integration Service
Streams
APIs
● Product improvement.
⦿ Introducing new capabilities for API governance.
⦿ Removal of unnecessary features
⦿ Modifies the existing features in line with demands.

6. API Manager 4.0.0 Architecture

7. Architecture Of API Manager 4.0.0
7

8. Tooling
8
● apictl - Command Line tool for managing APIs
⦿ Migrate API Manager artifacts across environments
⦿ Perform CI/CD operations
⦿ Monitoring Synapse artifacts and performing MI
management/administrative tasks.
● Integration Studio - Development environment for integration services
⦿ Design, develop, debug, test and deploy integration services.
● kubectl - API operator for Kubernetes.
● Streaming Editor - Developer tool that is used to develop Siddhi applications.
⦿ Write applications in Siddhi Query Language and visualizes the event
flow of a Siddhi application.

9. Management Plane
9
● API Publisher
⦿ Platform to create and manage APIs with lifecycle management.
⦿ API Monetization.
⦿ Rate Limiting.
● Developer Portal
⦿ Discover, Subscribe and test to the APIs.
⦿ Invoke the APIs with proper authorization.
● Kubernetes API Operator
⦿ Expose microservices as managed API in Kubernetes environment.
● Service Catalog
⦿ Register services in a RESTful manner.
⦿ Automatic service registration through integration studio.
● Analytics
⦿ Configuring alerts and notifications.
⦿ Dashboard to view the statistics.

10. Data Plane - API Gateway
10
● Proxy for the API calls.
● Transport provides a sender and receiver to carry the messages in HTTP/HTTPS.
● Message processor convert the payload to common XML which is understandable by mediation engine.
● Handlers enforces security, rate-limiting, transformations on API requests if applicable and collects
statistics.
● After backend processing, Message formatter converts the response stream back into its original format .

11. Data Plane - Micro Integrator & Streaming Integrator
11
● Micro Integrator
⦿ Leveraged as an integration service in a
decentralized, cloud-native, integration
architecture where microservices are used for
integrating the various APIs, events, and
systems.
● Streaming Integrator
⦿ Integrates streaming data and takes action
based on streaming data
⦿ Using Siddhi language it understands, captures,
analyzes, processes, and acts upon streaming
data

12. Control Plane - Key Manager
12
● Secure Token Service for the API Manager.
● Supports OAuth2.0, Basic Auth, Mutual SSL and
API-Key.
● Provides access tokens to clients through
token APIs.
● Generate JWT tokens to pass end-user
attributes to the backend, if configured.
● Third-party IDP support.

13. Control Plane - Traffic Manager
13
● Secure APIs against security attacks.
● Available to consumers at different service levels.
● Keep the API Gateway’s in-memory map, which is
used for key validation, up-to-date via a JMS topic.
● Regulate API traffic.

14. New Features

15. Service Catalog for Integration Service
Integration
15
● API-led integration - Bridge integration services and streams to the API Management.
● Build Services using Micro Integrator(REST API) or Streaming Integrator (WebSocket,
WebHook/WebSub or SSE) and discover them in the service catalogue.
● View and Deploy the Services as APIs using API Manager.
● Single service can be used to build multiple APIs

16. API and API Product revision supporton
16
● Provides the capability to improve the API and test them without interrupting existing API
deployments.
● Publish in previous versions → Deploy and Publish in 4.0.0
● Keep snapshot versions of an API and revert back to previous stable snapshots in times of failure.
● Test APIs in an independent Gateway before deploying the API to an actual Gateway.
● Deploy the revisions to selected gateways.
● Restore will only update the working copy in the the Publisher and Developer Portal, it does not have
any effect on the deployed revisions.
R1 R2 R3
TestAPI -1.0.0
R1 R2 R3
TestAPI -2.0.0
Creating a new
Version for TestAPI
Revision 1 Revision 2 Revision 3 Revision 1 Revision 2 Revision 3
Restore

17. Enhanced Publisher and Developer Portal.
17
● New UI to create APIs from scratch.
● Sequential road map of configuration view in Publisher to develop, deploy, test and publish an API.
● Improved Themes and Pages in the Publisher and devportal.

18. Try out using Postman
tegration
18
● Capability to export the Postman collection for the deployed
APIs instead of integrated test consoles.
● Supports for REST and GraphqL APIs.

19. Extended Key Manager supportegration
19
● Introduced support to ForgeRock, PingFederate and Auth0.
● Key Manager configuration initialization at server startup takes place through an internal API

20. Exposing APIs via Custom Hostnamesgration
20
● Capability to expose APIs using unique hostnames that correspond to a Gateway environment.
● Enables to deploy an API or API Product Revision to a Gateway with a custom hostname.
● Easily configured using Admin portal.
● Application developers can access APIs by using the defined access URLs of the virtual host.

21. Streaming API support in API Gateway
21
● Capability to expose event streams and topics as managed APIs through service catalog.
● Topics in a Streaming API enables to,
⦿ Subscribe - A topic of this type allows traffic from the server (backend) to the client.
⦿ Publish - A topic of this type allows traffic from the client to the server.
● Streaming Integration of API Manager supports
⦿ WebSocket - Allows a continuous two-way communication between the server and the client.
⦿ WebSub (WebHook) - Only allows one-way communication, from a caller web app to a callee
web app
⦿ Server Sent Events (SSE) - SSE only allows one-way communication similar to WebHooks, from
the server to the client, and the client can’t send any message to the server.
● Authorization based on topics.
● Create a Streaming API from an AsyncAPI Definition

22. Cloud based Analytics
22
● Analytics as a cloud service instead of a
separate deployment.
● The Analytics Portal is deployed as a separate
web application that will query the query API to
visualize API statistics.
● Asynchronous nature of the event publishing.

23. Choreo Connect
23
● Cloud Native and decentralized API Gateway
which can be used to expose one or many
microservices as APIs.
● Choreo Connect Components,
⦿ Router - Use Envoy Proxy and route traffic
from clients to services.
⦿ Enforcer - Applies the API management
capabilities.
⦿ Adapter - Translates the API definition to
the format understood by the Router and
enforcer for API deployment.
⦾ Can receive an API from APIM
control plane(publisher)
⦾ Can receive APIs via pushing the
API from apictl.
● Supports a subset of features of API Manager.

24. API Controller (apictl) Improvements
24
Restructuring of API/API Product/Application Project.
● Params file support for API Products.
● Support to override subscription policies of an
API using the params file.
● Introducing a structure for deployment and
source repositories.
● Archive deployment directory without the need
of external dependencies.
● VCS support for both the deployment and source
repositories.
● Introducing new schemas for apictl API/API
Product/Application project artifacts.
Support TLS renegotiation configuration.
● never: Disable TLS renegotiation
● once: Allow TLS renegotiation once
● freely: Allow unrestricted TLS renegotiation
Support the new features introduced in APIM 4.0.0
● Support import/export revisioning of APIs and
API Products
● Perform Micro integrator related functions
using apictl.
● Capability of performing developer CLI
operations for Choreo Connect.
● Support for import/export of Streaming APIs.
Standardized the apictl flags with a common
convention and refined commands
Set proxy related environment variables, with or
without basic authentication in apictl.
Importing APIs from AWS API Gateway to WSO2
API Manager.

25. Removed features and Key Changes

26. Removed features and Key Changes
26
Removal of Microgateway label
Remove the capability to create
Microgateway label and assign them
to the APIs.
Startup script Changes
The name of the startup script has changed from,
● (Linux/Mac OS) - wso2server.sh →
api-manager.sh
● Windows - wso2server.bat → api-manager.bat
VHosts and dynamically manageable
Gateway environments to group and
expose APIs.
In memory Synapse Artifacts
API-related Synapse artifacts were moved from
the file system to the in-memory.
Refactoring of Distributed setup profiles
Distributed setup profiles were refactored to three
profiles:
● Control Plane profile - This profile contains the
Publisher, Developer Portal, Key Manager, and
Traffic Manager.
● Gateway profile
● Traffic Manager profile
During a server startup and revision deployment
artifacts will be loaded from the DB to the
memory.

27. Removed features and Key Changes ctd..
Remove exposing token endpoints through Gateway
Until 3.2.0 → In 4.0.0
https://<gateway-host>/token → https://<keymanager-host>/oauth2/token
https://<gateway-host>/revoke → https://<keymanager-host>/oauth2/revoke
https://<gateway-host>/authorize → https://<keymanager-host>/oauth2/authorize
https://<gateway-host>/userInfo → https://<keymanager-host>/oauth2/userInfo
Decoupling Publishing and Deploy
With API Revisioning it is required to have an API revision deployed in a Gateway to be able
to publish an API.
● Deploy - Promote the API to gateway for invocations
● Publish - Display the APIs in the marketplace

28. Demo

29. Question Time !

30. wso2.com
Thanks!