TMCnet News
Latest Release of WSO2 API Manager Expands Security and Support for Kubernetes, Microservices, and Serverless AppsMountain View, CA, April 07, 2020 (GLOBE NEWSWIRE) -- APIs are the core building blocks of digital businesses—assembling data, events and services from within the organization, throughout ecosystems, and across devices. This is driving demands to maximize adoption and reuse across internal and external portals and API marketplaces; ensure API security; and support modern architectures, including containers, microservices, and serverless computing. WSO2 has added significant new functionality to support these enterprises with the newest release of WSO2 API Manager, the only complete open source platform for creating, managing, consuming, and monitoring APIs and API products. The latest release builds WSO2 API Manager’s capabilities for delivering a seamless, end-to-end API management experience while addressing all the requirements of API creators, product managers, and consumers. Available today, it includes:
“APIs are at the heart of the modern, cloud-native applications and services that are powering today’s digital businesses,” said Paul Fremantle, WSO2 CTO and co-founder. “The latest release of our open source WSO2 API Manager for full lifecycle API management builds on the proven technology that already powers billions of API calls daily to support these demands. Not only have we extended support for microservices and DevOps-driven cloud environments; we’ve also enriched API security and made it easier than ever for developers to find, try out, and use APIs.” New WSO2 API Microgateway Release The newest release of WSO2 API Microgateway adds support for gRPC, the open source remote procedure call system widely used for microservices and mobile apps. Through support for gRPC APIs, WSO2 API Microgateway helps users to expose managed gRPC endpoints. Other new capabilities include:
Extended Support for Microservices and Serverless Architectures AWS Lambda Integration. Increasingly enterprises are building applications designed to run on the AWS Lambda event-driven serverless computing platform in order to cut the time and cost of deploying apps and increase the scalability of backend services. The new AWS Lambda integration in WSO2 API Manager enables developers to use AWS Lambda functions through a variety of services using APIs. WSO2 API Manager facilitates the invocation of AWS Lambda functions using either stored AWS credentials or identity and access management (IAM) role-supplied temporary AWS credentials. Kubernetes API Operator. Kubernetes is effectively the de facto cloud orchestration platform for DevOps-driven environments. In 2019, WSO2 API Manager became the first full lifecycle API management platform to natively support Kubernetes through a Kubernetes API Operator. By making the management and configuration of APIs a core part of the Kubernetes platform, the Kubernetes API Operator enables higher productivity for developers, DevOps, and cloud administrators when building, deploying, and managing APIs. The newest Kubernetes API Operator release supports multiple Docker registries, such as Docker Hub, Amazon Elastic Container Registry (ECR), Google Container Registry, Quay.io, and HTTP(S) Docker registries. It also provides the ability to expose multiple Swagger definitions as an API, and it gives a Swagger definition to Kubernetes that makes it easy to deploy a microgateway for microservices within minutes. Additionally, the new Kubernetes API Operator version enables developers to:
Expanded API Security API Security Audit Integration. In partnership with 42Crunch, WSO2 has developed an open source extension that integrates 42Crunch API Security Audit with WSO2 API Manager. Through the extension, enterprises can use API Security Audit to assign a score to an API based on the Swagger definition of the API. The resulting audit report takes into account OpenAPI format requirements, security, and data validation when scoring an API and presents the impact for each of these three areas. Using the report, API developers can identify and eliminate any existing security loopholes in a given API—tracking exactly where an issue is and taking corrective actions. API Security Audit also points to an encyclopedia that contains additional details on what the vulnerability is, how it can be exploited, and how it can be fixed. Once developers identify the fix, they can use the built-in Swagger Editor in WSO2 API Manager to edit the API definition and then re-check the score using API Security Audit. JWT Authentication Support. Support for JSON Web Tokens in WSO2 API Manager means that when APIs are secured using the OAuth 2.0 authorization protocol, JWTs issued for users from the API Manager security token service (STS) can be used to invoke APIs. This greatly simplifies the ability to perform true hybrid and distributed deployments of API gateways, significantly increases API gateway scalability, and reduces operational costs. Enhancements in the newest release of WSO2 API Manager:
Enhanced Developer Experience API Store Recommendation System. Traditionally, developers have conducted standard API searches in the API Store in WSO2 API Manager to see a list of applicable APIs. Now, powered by AI, the API Store can recommend APIs to subscribers by analyzing the behavior of a developer and the application being developed. This helps subscribers to discover more useful APIs with less effort. API Categories. API providers can now categorize their APIs easily with this feature. The API Store (i.e. developer portal) will display the APIs under their respective categories, making it easier to discover these APIs and subscribe to them. API providers no longer are required to remember any tag-wise group naming conventions; instead they can simply select the applicable category for an API and save it. If there is no suitable category, API providers can request that the administrator add one. API Mocking. The new API mocking feature builds on the existing API prototyping functionality in WSO2 API Manager, which lets developers try out APIs easily without a subscription. Using the new API mocking feature, developers can easily include different mock payloads in order to offer a real experience to API testers. The inline script for payload generation will be generated automatically for each response code and payload type based on the example values or response schemas defined in the API definition. Availability and Support About WSO2 Trademarks and registered trademarks are the properties of their respective owners. Shifali Erasmus Kinetic.PR for WSO2 [email protected] Mobile: 650-544-6424 |