...
- An API Group is a container for APIs, it is a way of categorizing APIs
- An API exists inside an API Group - one API can contain many API Versions
- A number of Subscription Plans can be associated with an API
- A Subscription Plan contains a set of Rate Limits, which limits the number of requests which can be made by one API Partner Application in a given time period.
- An API Version contains the API Specification, Implementation, Security restrictions and is published to one or more Environments
- You can have as many Environments as you want, e.g. Sandbox, Production, Preproduction or TestOne, TestTwo and TestTree.
- Ceptor API Gateway serves APIs within one or more Environments. When APIs are called, API Usage information is stored for later analysis.
- Ceptor API Gateway authenticates users using the Session Controller which has Authentication Plugins that looks up Partner Applications based upon client IDs, API keys, SSL client certificates or other credentials.
- One API Partner is an organisation or group that has a number of API Partner Applications registered to it.
- An API Partner and its Partner Applications are registered in the API Developer Portal by API Developers who can self-register in the portal.
- An API Profile can be used to specify common settings for a set of APIs, e.g. security settings, or it can limit which element an API Designer is allowed to use.
- An API Designer use Ceptor Console / to author and design APIs.
Features
API Management
- API lifecycle
- OpenAPI, WSDL or Plain HTTP APIs
- Publish APIs to one or more environments
- Mock APIs
- Restrict access to APIs or operations
- Implement APIs in JavaScript, Groovy or Python
- Create environment-specific or global implementation
- Template responses created from OpenAPI schema
- Proxy APIs
- Implement API using Drag and drop Pipelines and Tasks (or Policies).
- API Profiles - share common characteristics between APIs or limit API Designers choices.
API Gateway
- API usage/monitoring
- Several datastores including Elasticsearch provided by default, and API to roll-your-own.
- Rate limiting
- Choose from several implementations or use the API to create your own.
- Proxying or implementing APIs
- Mocking APIs
- Complex authentication and authentication - enabling full use of the entire arsenal of authentication options Ceptor has supported for decades.
- Examples of plugins and authentication options:
- Active Directory
- Generic LDAP server
- OpenID Connect / OAuth2
- API key
- Basic Authentication
- SSL client certificates
- WS-Security
- SAML / ADFS
- TOTP Authenticator
- SMS OTP authenticator
- NTLM
- SPNEGO / Kerberos
- NemID
- BankID
- Fido U2F
- Script based custom authentication makes it possible to build your own.
- Examples of plugins and authentication options:
- Gateway configuration can override security defined on APIs
- Expose published APIs on multiple environments in one or more gateways - based upon hostname, path, restricted IP addresses, GeoIP etc. etc.
- Plugins for API usage datastore, use a prebuilt or create your own
- Consolidate usage information from many sources including Ceptor into your own custom data repository or SIEM product.
- Authentication and authorization
- Use Ceptor's API partner or your own existing user repository.
...