API Publisher Portal

DigitMarket^TM API Manager (DM-APIM) is a complete package to help manage your APIs and make them into tools that propel your business forward.

Our API Management product, “DigitMarket^TM API Manager” has four components that work in unison to provide the following basic runtime functionality:

The Publisher Portal

The API publishers configure the APIs, API packs, usage plans, usage policies and so on using this portal. Key features:

• Create secure API proxies
• Create API packs from multiple APIs
• Advanced Policy library with facility to share policies across multiple APIs
• Workflow/approval cycles on policy lifecycle
• Configure transformations at API and resource levels
• Ability to create multiple usage plans with different set of runtime policies for each plan Ex: Basic, Gold, Silver, Platinum, etc
• Ability to selectively deploy and manage plans on different gateway runtime instances from a single screen
• Near-real-time statistics visualization
• Advanced and highly granular role-based access control for all features - API Visibility, management, publishing and consuming

The Developer Portal

The developers discover, explore, try out and subscribe to the publishers’ APIs using this portal. The publisher can tailor the appearance of the developer portal as per their needs. Key features:

• Developer self-registration
• Ability to search and navigate the portal with the same user experience of an online store; with clear listing of most popular APIs, What's new, API price, description, etc
• Facility to manage the subscriptions through an easy interface
• Ability for internal and external developers, API providers to quickly view statistics of their API usage
• Facility for API providers to easily expose/create APIs by proxying existing endpoints and attaching policy templates
• Help / support ticket system built-in for API developers to report issues, bugs, etc

The Gateway

The gateway enforces the policies defined by the publishers, validates the subscriptions, collects metrics, and enforces quotas. The gateway is configured and managed using the publisher portal. No coding or customization is required. Key features:

• Event-driven paradigm used to implement the gateway, hence high concurrencies can be achieved easily
• Policy enforcement (details of each policy is described in our answer to the next question)
• Cluster-wide policy enforcement
• Quota overrun alerts with configurable threshold
• Transaction recording for analytics
• Multi-gateway runtime architecture to support isolation of high-traffic, high-volume APIs. Configuration and management is central though
• Subscription validation and auto-renewal facility

OAuth Authentication Server

• Token management
• Supports OAuth custom grant types

Multiple types of consumers like internal developers, B2B Partners and external developers like apptrepreneurs and the general public can have features tailored for them in the developer portal. The configurable HTML files of the developer portal enable the publisher to tailor its appearance if the default appearance is not apt.

• Features applicable for Open API Economy model (External developers like Apptrepreneurs and general public)
  • AppStore-like interface for easy discovery and subscription to APIs
  • Explicit pricing information for public consumers with ability to hide pricing if required
  • Automatic subscription renewal feature, if enabled for specific developers
  • Workflow driven public developer verification to protect publishers from malicious developers
• Features applicable for B2B Partners
  • Ability for API Publishers to on-board and provide access to partners on their behalf
  • Can share the developer portal to B2B users as partner portal
• Features for internal developers
  • Each API supports visibility option, so developer portal can support mix of internal and external APIs that are fully isolated from each other
  • Ability for publishers to configure different usage plans/policies for the same API, one for internal and other for external developers
• Common features that is applicable for all types of consumers
  • Integrated sandbox capability that allows publishers to easily create a playground for APIs. Developers can try out the API
  • Integrated API documentation using hybrid approaches - static documentation and OpenAPI (Swagger) test client. Documentation can be uploaded in the form of HTML, therefore the appearance can be tailored as per publisher wish
  • Statistics for API usage
  • Quota usage in real-time

• DigitMarket^TM API developer portal is fully customizable. A revamped developer portal can be published via the CMS feature in the publisher portal as all the capabilities of the former are available as APIs. The users can choose to rebrand the developer portal or change flows on the developer portal using this capability. The default developer portal template is provided as part of product that can be used as a reference to customize the new set of navigation flows
• Documentation can also be uploaded in customized templates while defining an API
• API Categorization and organizing is built into the developer portal; and is administered via the publisher portal
• Integrated Discussion forum that allows developers to ask questions, raise bugs, suggest features, etc
• Integrated Sandbox environment and “Try It” for quick exploration
• Ability to generate client code for different technologies based on the Swagger(OpenAPI) specification

Yes, we offer an innovative multi-tenant architecture for publisher and developer portal. Large, geographically distributed enterprises would like to provide APIs to their community of consumers across different business units. DigitMarket^TM API Manager supports multi-tenancy where one installation of the product supports a feature where in different API provider sub-organizations and consumer sub-organizations can be created. Each provider sub-organization has its own exclusive publisher portal and associated developer portal for its consumers. Each tenant, independent of other tenants can customize the APIs, look and feel of the portal, and do much more.

When customers want isolated environments for themselves, we provide the same. Certain customers will be hesitant to share the application instance with others. In such cases we provide a separate managed instance on the cloud, at a separate cost.

DigitMarket^TM API Manager Publisher and Developer Portals are driven by workflows. There are approval cycles for governing and moderating changes for every new artifact, policy or a configuration change. .Once the artifacts such as API proxies, packs, policies are configured on the publisher portal, it is submitted to the business user for approval. Once the configuration is approved, and synced with the gateway, publisher portal automatically publishes the APIs to the developer portal. The price plans, usage plans are explicitly shown to make the subscription process easier. Alternatively, publishers can choose to have hidden/private plans exclusively for B2B developers.

Private B2B APIs between trading partners are common and must be managed. These APIs could be a part of a supply chain in manufacturing, in commerce between suppliers and retailers, or in healthcare or life sciences ecosystems.

Specific APIs and/or specific API features can be hidden from the general public by API publishers on the Developer Portal. Each API usage plan has visibility settings that allow granular configuration of APIs. For some B2B scenarios, we configure two-way SSL with mutual authentication where both the parties are known to each other. Also, as both the provider and consumer endpoints are known to each other, we configure additional security policies such as IP white-listing. Some of our clients prefer to deploy an instance of API gateway in a separate VPN-enabled network over the Internet, which is not visible to the general public. Some other clients prefer to combine partner-specific APIs with the Open API developer portal.

An extensible adapter SDK is also provided that allows creation of custom adapter for any B2B specific applications/protocols. Though the adapter for specific B2B protocol does not exist now, such as EDI, RosettaNet, etc, one time activity of adapter development as part of a project will help us re-use it across other instances where there is a need for those protocols.

If the API is configured to use the documentation, the viewer is available inside the Developer Portal. Documentation is automatically uploaded from when the page is loaded. The API Manager who configures the documentation must have the right user account. However, anyone can have access to the documentation.