Versions Compared

Old Version 9

changes.mady.by.user Patrick Ahmed

Saved on

compared with

New Version 10

changes.mady.by.user Kim Rasmussen

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • An API Group is a container for APIs, it is a way of categorizing APIs
  • An API exists inside an API Group - one API can contain many API Versions
  • A number of Subscription Plans can be associated with an API
  • A Subscription Plan contains a set of Rate Limits, which limits the number of requests which can be made by one API Partner Application in a given time period.
  • An API Version contains the API Specification, Implementation, Security restrictions and is published to one or more Environments
  • You can have as many Environments as you want, e.g. Sandbox, Production, Preproduction or TestOne, TestTwo and TestTree.
  • Ceptor API Gateway serves APIs within one or more Environments. When APIs are called, API Usage information is stored for later analysis.
  • Ceptor API Gateway authenticates users using the Session Controller which has Authentication Plugins that looks up Partner Applications based upon client IDs, API keys, SSL client certificates or other credentials.
  • One API Partner is an organisation or group that has a number of API Partner Applications registered to it.
  • An API Partner and its Partner Applications are registered in the API Developer Portal by API Developers who can self-register in the portal.
  • An API Profile can be used to specify common settings for a set of APIs, e.g. security settings, or it can limit which element an API Designer is allowed to use.
  • An API Designer use Ceptor Console / to author and design APIs.

Features

API Management

  • API lifecycle
  • OpenAPI, WSDL or Plain HTTP APIs
  • Publish APIs to one or more environments
  • Mock APIs
  • Restrict access to APIs or operations
  • Implement APIs in JavaScript, Groovy or Python
    • Create environment-specific or global implementation
    • Template responses created from OpenAPI schema
  • Proxy APIs
  • Implement API using Drag and drop Pipelines and Tasks (or Policies).
  • API Profiles - share common characteristics between APIs or limit API Designers choices.

API Gateway

  • API usage/monitoring
    • Several datastores including Elasticsearch provided by default, and API to roll-your-own.
  • Rate limiting
    • Choose from several implementations or use the API to create your own.
  • Proxying or implementing APIs
  • Mocking APIs
  • Complex authentication and authentication - enabling full use of the entire arsenal of authentication options Ceptor has supported for decades.
    • Examples of plugins and authentication options:
      • Active Directory
      • Generic LDAP server
      • OpenID Connect / OAuth2
      • API key
      • Basic Authentication
      • SSL client certificates
      • WS-Security
      • SAML / ADFS
      • TOTP Authenticator
      • SMS OTP authenticator
      • NTLM
      • SPNEGO / Kerberos
      • NemID
      • BankID
      • Fido U2F
      • Script based custom authentication makes it possible to build your own.
  • Gateway configuration can override security defined on APIs
  • Expose published APIs on multiple environments in one or more gateways - based upon hostname, path, restricted IP addresses, GeoIP etc. etc.
  • Plugins for API usage datastore, use a prebuilt or create your own
    • Consolidate usage information from many sources including Ceptor into your own custom data repository or SIEM product.
  • Authentication and authorization
    • Use Ceptor's API partner or your own existing user repository.

...