Introducing Oracle API Gateway

Overview

The Oracle API Gateway manages, delivers, and secures enterprise APIs, applications, and consumers. The following overview diagram shows the range of transports and protocols supported by the API Gateway on the left, and the services that it provides on the right:

[Figure: Oracle API Gateway Features]

API Gateway Features

The Oracle API Gateway supports the following main services:

API Transformation

This includes the following:

  • API virtualization and mediation

  • Wide range of protocols, data formats, and standards

  • Bi-directional transformation (for example, REST-to-SOAP, XML-to-JSON, and HTTP-to-JMS)

API Control and Governance

This includes the following:

  • Service Level Agreement (SLA) monitoring and enforcement

  • Quota management, traffic throttling, and load balancing

  • Content-based routing, blocking, and processing

  • Auditing of transactions

API Security

This includes the following:

  • Protect APIs at all levels (interface, access, and data)

  • Authentication and authorization

  • Identity mediation and integration with IDM platforms

  • Data monitoring, redaction, encryption, and signing

  • Key and certificate management

API Monitoring

This includes the following:

  • Real-time API monitoring, with alerting based on errors, exceptions, and thresholds

  • Configurable logging of API transaction data

  • Analyze API use for insight and trends

  • Automated generation and delivery of reports

API Development Lifecycle

This includes the following:

  • Manage API lifecycle from creation to end-of-life

  • Drag-and-drop policy creation with an intuitive flowchart metaphor

  • Extensive library of pre-built policy rules

  • Interactive API testing tool

  • Promotion between environments

API Administration

This includes the following:

  • Manage all aspects of the daily API operations

  • Transaction management

  • Tracing and debugging

  • OAuth client management

API Gateway is Core Infrastructure

The API Gateway does for APIs what the Application Server does for applications. The API Gateway's role as core application infrastructure is shown as follows:

[Figure: API Gateway Core Application Infrastructure]

The API Gateway can be seen as the API runtime environment, which provides core services such as the following:

  • Security (for example, authentication and authorization)

  • Connectivity with a range of different protocols

  • Virtualization

  • Scalability and elasticity

  • High availability

  • Manageability (for example, using API Gateway Manager)

  • Development simplicity

Because the API Gateway provides this core API infrastructure, developers can focus on providing the application logic. They no longer need to build these services into their application, and can leverage the core infrastructure provided by the API Gateway.

Previously, the API was not treated as a first-class citizen, and in many cases was part of the application interface. However, the API Gateway sees the API as a first-class artifact, with its own particular constructs, and its own runtime environment. The API Gateway provides all of the same benefits for the API that the application server provides for the application. For this reason, it is important to distinguish between the API and the application as two distinct entities.

API Gateway User Roles

The API Gateway provides the following user roles:

[Figure: Oracle API Gateway Use Case]

These user roles are described as follows:

Policy Developer

This user role virtualizes APIs and develops policies for APIs. Policies are rules used to govern or manage an API (for example, for security, integration, SLA monitoring, or transformation). This is a technical developer role.

KPS Administrator

This is a business or operational role managing dynamic policy configuration data in a Key Property Store (KPS). A KPS is used to store parameters that are passed into policies at runtime (for example, authorization levels, quotas, or customer details). This means that these details do not need to be configured by the policy developer.

API Gateway Administrator

This role monitors, manages, and troubleshoots the API Gateway. It has full administrative privileges, including deployment of API Gateway configurations. This is the traditional system administration or operational role for the API Gateway. It involves keeping the API Gateway running, monitoring its operation, managing any settings, and performing any troubleshooting. This user typically works in an upstream staging or production environment instead of in a development environment.

API Gateway Operator

This role monitors the API Gateway. It has read-only administrative capability. This is typically a production operations role.

Deployer

This role deploys API Gateway configurations using scripts. It is a restricted deployment role, and is typically used in production environments.