Integration approach to API Management: Fiorano API Management is particularly well-suited for enterprises that need deep integration capabilities to build APIs on top of existing applications. The system offers a range of capabilities, including protocol transformation, mobile backend-as-a-service (MBaaS), standards-based access management, version management, API rate limiting, and metering (analytics). Backend and third-party web services can be transformed into easily consumable APIs, governed by self-service policies.
Fiorano API Management also provides contextual analysis and visibility into API initiatives and associated digital assets to help drive developer and user engagement. The system is available both as an on-premise platform and as a cloud service.
Fiorano API Management platform comprises server technology that provides:
Security: Security descriptors provide the enterprise fine-grained control over which end-users and user-groups can access an API.
Metering: For each API, a count is maintained of the number of times the API has been called, together with a list of which applications have made the calls. IT is possible to set metering limits as well as charges on a per-call (or other) basis for all API calls.
Monitoring: This allows system administrators to track which APIs are using the most resources (CPU, memory etc.) and to graph the related information to identify hotspots and contention. Using this information, system administrators may decide, for instance, to split API call-load over multiple API Management servers (provided the underlying solution allows for this scaling-out process).
Management: A high level view of the overall implement of API Management across the enterprise, including a synopsis of the security, metering and monitoring processes running across multiple servers within and outside the enterprise firewall.
Developer Support and Socialization: Exposed APIs need to be marketed or socialized to third-party developers; this is typically done via developer portals, either within or external to the API management platform, where available APIs are published.
API Management Server
API Gateway Server
- This is the central server which acts as the repository for the API Projects created by users and deploys them to API Gateway Servers.
- Hosts the API dashboard
- Incorporates an Analytics engine and performs various aggregation/ingestion functions.
- Manages Role Based Access Control
- Acts as a reverse proxy server for the backend REST/SOAP based web services that are to be exposed as APIs
- Receives client requests and performs Caching, Traffic Control, Quota Management, Authentication and Authorization before letting the request pass to a back end server.
- Provides load balancing capabilities in case the target service is hosted on multiple servers.
The dashboard, hosted in the API Management server, provides interfaces to
- Create API projects with zero coding
- Define various API products, Developers and Subscriptions
- Analyze API trends, investigate spikes, define various roles, environments, partners and more.
The developer portal allows enterprises to publish and socialize their APIs. Support is included for
- Self signup of developers, allowing automatic subscription to public APIs
- Viewing API documentation related to various public and protected APIs.
- Expose-To-All APIs (Public)
- APIs open to all developers
- Apps typically targeted towards consumers outside the enterprise
- Goals : engaging customers through external developers
- Expose-To-selected APIs (Partners)
- APIs open to select business partners only
- Apps targeted towards both consumers and business users
- Goals : specific to the business of the enterprise
- Expose to Enterprise APIs (Internal)
- APIs exposed only to developers within the enterprise
- Apps targeted towards employees and/or enterprise systems
- Goals: driving employee productivity and internal system efficiencies
Industry best security and integration in one solution
Rapid, Configuration-based API Development - Zero Coding
- Based on Fiorano market leading ESB and SOA platform
- Download and install in 30 mins and begin deploying your APIs
Out of the box business analytics and operation insight
- Create and deploy new APIs in minutes
- Easily create portals to socialize your APIs
- Visible ROI in days, not month
Support for continuous iterative development
- Pinpoint key market fluctuations and correlations related to your business
- Sophisticated inspection and debugging tools to identify bottlenecks and reduce development/deployment times
- API updates with minimal interruption
- Integrated debug/test/rollout to rapidly fix production issues
- Point-and-click snapshot restoration to previous versions
- API Gateway: Fiorano provides a linearly scalable, agent-based API gateway. Agents (i.e. exposed APIs) have the inbuilt capability to handle policies to detect threshold overruns and exceptions/error conditions, with the generated events being monitored via a central Fiorano Enterprise Server that may be hosted either in the cloud or within the Enterprise firewall.
- API Development: The Fiorano platform allows developers to create APIs using a visual drag-drop-configure approach. Fiorano supports WebService and REST-based API development.
- Mediation: The platform includes a powerful set of prebuilt mediation components for data transformation, routing, protocol transformation and more.
- API Repository: Fiorano includes an API Repository allowing developers to manage and test deployed APIs from a web based console.
- Monitoring: Deployed APIs can be monitored for performance throughput, errors and overloads. Alerts can be configured for these conditions.
- API Security: Deployed APIs can be secured using WS-Security standards for webservice-based APIs and HTTP-based authentication for REST based APIs.