Introduction

WSO2 API Manager is a platform for developing, integrating, and exposing API services as managed APIs in cloud, on-premise and hybrid architectures. It enables API developers to create, publish, and manage the lifecycle of APIs, as well as API product managers to create API products from one or more APIs. It is an open-source platform for integrating multiple APIs and serving as a centralized point of contact.

WSO2 provides portals that can be used for the following purposes :

Publisher Portal: User interface that allows users to create a new API by integrating with an external API, as well as the authentication method, and so on.

Devportal: UI provided to client users, and they can subscribe to available APIs and test and use them accordingly.

Carbon Portal : Web portal that allows the creation of internal users and roles for the WSO2 portal, configuration, and all admin-related activities.

Overview

This document covers WSO2 API Manager setup and installation, followed by Denodo REST API and GraphQL integration, WSO2 authentication mechanisms, and finally setting limits on the number of requests for the integrated API.

Installation

• Download the WSO2 API Manager Archive file from the WSO2 Website.
• Extract the downloaded ZIP file.
• WSO2 API Manager is supported only on JDK 11 and 17, so ensure that the JAVA_HOME environment variable is set to the corresponding JDK path.
• Once everything is in place, run the batch file api-manager.bat under the <APIM HOME>/bin folder to launch the API Manager. It might take a few minutes to start.
• WSO2 by default runs on 9443 port. So if Denodo and WSO2 are installed on the same server it is important that both the servers do not use the same port.
• After that, use the following URL to access the WSO2 Publisher portal: :

            https://localhost:9443/publisher

• Log in with the default admin/admin credentials. If you have successfully logged in, you are now ready to use the WSO2 API Manager.

Integration Process

From the WSO2 API Manager, it is possible to integrate any API endpoint and to manage different API endpoints under a single API endpoint with a common host and port. The following are some integration examples :  

1. Integrating a published REST Web Service.
2. Integrating the Denodo Restful WebService.
3. Integrating the Denodo GraphQL Service.

Integrating a published  REST Web Service

Create and publish a Denodo view as a REST Web service and set “JSON” as default representation in the Settings Tab.

Steps to integrate with WSO2 API :

1. Login to the WSO2 Publisher Portal : https://localhost:9443/publisher 
2. Click Create API > Start from Scratch under the REST API.
3. Enter the name for the API : DenodoRESTAPI
4. Enter the context for the creating API :    /denodoapi      (Note: it could be any name but without white spaces and special characters)
5. Specify the version : 1.0.0
6. Endpoint : Provide the endpoint of the published REST API.  

http://<host>:<port>/server/<database>/<view>

e.g.: http://localhost:9090/server/admin/bv_products 

7. Click Create.
8. Once created it will shown as below :

9. Go to API Configuration > Runtime on the left pane. 
10. Select Transport level security  >  HTTP. 
11. Select Application level security > Basic  ( Please note, this is authentication for the WSO2 API).
12. Click ‘Save’ to save the runtime configuration.  
13. Navigate to the Resources section.
14. Delete all the predefined HTTP headers.
15. Go to HTTP Verb and select ‘GET’.
16. Enter the URI Pattern i.e, resource endpoint. For instance: /views/call_center

17. Click the + icon and Save to save the resources section.
18. Navigate to the Endpoint section.
19. Ensure the provided endpoint URL is correct. This is the actual endpoint which will be triggered while calling from the WSO2 API endpoint.
20. Uncheck the Sandbox environment. (If needed, you could also manage both environments)
21. If the target endpoint is secured, then click the Shield icon specify the endpoint credentials.

22. Select the target endpoint authentication type (for the Denodo REST API) : Basic / Digest / OAuth 2.0 and provide the credentials.

• In case of OAuth authentication, the WSO2 supports the grant types Resource Owner Password and Client Credentials. In both types, there is no field to specify the Scopes. Hence, for OAuth authentication, specify the scope value in the parameter.
• Click ‘Add New Parameter’.

• Parameter Name : scope , Parameter value: <scope_name>. 

23. Click ‘Submit’ and ‘Save’ to save the Endpoint configuration.
24. Click ’Overview’ in the left pane and click ‘Deploy’. It will show the ‘Revisions’ tab. For each deployment, it will create a new revision. By using this, it is possible to revert back to the previous version of the API. Each API can have a maximum of five revisions.

25. Finally, "Publish" the created API from ’Overview’ section. Click "View in DevPortal" and log into the WSO2 DevPortal by using admin/admin, and the final endpoint will be there.

• Copy the URL and test with an external HTTP client like Postman. You could also try out the same thing on the dev portal itself.

• Since the created endpoint was configured with Basic Authentication in step 11, select the Authorization header as "Basic" and provide the credentials.

• While executing the request, the created WSO2 endpoint will be executed, which triggers the backend's actual published REST API endpoint, which fetches the results from the Virtual DataPort Server.

Integrating published REST Web service from the Swagger version 2 Definition

The WSO2 API Manager enables users to design the API from the Open API and Swagger 2.0 definitions rather than creating from scratch. For all of the published web services, Denodo Platform by default offers the Swagger specification v2.0 in both YAML and JSON formats.

The advantage of this approach is that the WSO2 API Manager will automatically produce all the resources (i.e., CRUD methods comprise many operations) and the destination endpoint while building the API from the Swagger definition. However, if the destination endpoint is secured, it must be set up in the Endpoint tab as in step 22.

Integrating the Swagger Definition API: Steps

• Open the Swagger specification file for Denodo's published example REST web service.

Example : http://localhost:9090/server/admin/bv_products/OpenAPI/swagger.json

• Copy the content of the endpoint and save it to a file.
• Login to the WSO2 Publisher portal.
• Go to Create API > Import Open API under the REST API.
• Select OpenAPI File/Archive and select the created text file containing Swagger definition.

Note: By choosing the Open API URL option, you could alternatively directly supply the Swagger URL, but if the API is secured, it will not be able to provide the credentials from here. The aforementioned approach, which involves choosing the OpenAPI File, can be used to get around this.

• Click Next after selecting the file.
• Ensure the endpoint is correct and click Create.
• Once created, all endpoint resources will be automatically produced and added to the Resources section.  
• Click ‘Business Plan’ in the Overview tab and select ‘Unlimited’ and click 'Save'.
• Following Deploy and Publish, the generated API is ready for use. You can test the endpoint by logging into the WSO2 Developer Portal or using an HTTP Client.

Integrating Denodo Restful WebService

The Denodo Restful Web Service provides an endpoint like http://localhost:9090/denodo-restfulws/<database>/views/<viewname>. To integrate this API, follow the same steps outlined in the previous section, except for the following:  

In step 6,  specify the endpoint : http://localhost:9090/denodo-restfulws 

In step 13 , in the Resources section create the following resources :

• HTTP verb : GET , URI Pattern : /{database}?$format=json  
• HTTP verb : GET , URI Pattern : /{database}/views/{viewname}?$format=json

In step 22, select Basic authentication and provide Denodo (VDP) credentials that can access the restful web service.

For other types of resources, refer to the Types of resources exposed by the RESTful Web service  documentation from the Virtual DataPort Administration Guide.

• Save the configurations, Deploy and Publish the API.

• Login to the WSO2 Devportal, copy the URI and test with the Postman client or test in the WSO2 devportal itself.

Integrating Denodo GraphQL Service

Denodo GraphQL Service can be accessed by the following URL, the host and port may be different based on your Denodo environment setup.

http://localhost:9090/denodo-graphql-service/graphql/<database>/schema.json

• Access the GraphQL endpoint by specifying a database and save the schema (JSON content) to a file.

• In the WSO2 Publisher Portal go to Create API > Import GraphQL SDL
• As soon as the file is validated, click Next.
• Specify the name for the API.
• Context :  /denodographqlwso2   (Note: you could specify any name)
• EndPoint : http://localhost:9090/denodo-graphql-service/graphql/<database>
• Click Create.

• Once created, go to the API Configurations > Runtime tab and select "HTTP" for transport level security and "Basic" for application level security and click Save.
• Navigate to the Endpoint and uncheck the Sandbox environment.
• Click on the shield icon on the production environment and select Basic auth and specify the Denodo VDP credentials..
• After performing the above, ‘Deploy’ and ‘Publish’ the created API.
• Now, the created API is ready to be accessed.

• Open Postman, use Basic authentication in the authorization header and provide the admin/admin credentials.
• Select GraphQL in the body section and enter the query. During execution, the backend graphql endpoint will be called and the results will be returned.

Eg : To return the output of two columns from a view called bv_city:

Additional Notes during the Integration Process

I) If a published WSO2 API needs to be modified, the following steps must be followed before making any changes:

• Select the API and navigate to the Lifecycle menu in the WSO2 Publisher Portal.

• Click Demote to Created.
• Once the modifications have been done, redeploy the API and Publish for the changes to take effect.

II) If the API returned with issues after being successfully published, kindly restart the WSO2 API Manager.

WSO2 authentication mechanisms

The WSO2 API offers a number of API authentication methods, including Basic, OAuth, and API Key. WSO2 generates the token in accordance with its own identity provider.Refer to the WSO2 official documentation which contains the more detailed information about the different Authentication mechanism for securing the API.

Setting limits on the number of requests

In the form of "Business Plans", the WSO2 API Manager allows restricting published API access based on the number of requests per minute. The WSO2 API Manager has provided the following business plans:

• Bronze : Allows 1000 requests per minute.
• Gold : Allows 5000 requests per minute.
• Silver : Allows 2000 requests per minute.
• Unlimited : Allows unlimited requests.

All APIs are configured with Unlimited plans by default, and these Business plans can be changed in the WSO2 Publisher Portal. In order to do so:

• Open the API service > Subscription Menu under the Portal Configuration.

You could also create custom business plans and assign them to the published APIs. It is possible to do so using the WSO2 API Manager's Admin Portal.

• Login to the WSO2 Web Admin Portal : https://localhost:9443/admin
• Select Subscription Policies.
• Click Add new Policy.
• Once the policy is created, then it will be visible for all the API in the WSO2 Publisher Portal and that plan can be assigned to the API.

Example :

Created a plan named DenodoPolicy and configured to accept 100 requests per minute.

After creation, it will be visible under the Business Plan for all the APIs.

References

Design an API 

Setting Limits for Rate Limiting

Secure Endpoints 

Deploy and Publish APIs

Consumer API