Hi, Following are the notes for the meeting on APIM story for AppFactory.
API usage in AF ------------------------ What we have now is that app owners subscribe to APIs in the store which is deployed with AF, get a token per app and the rest of app team uses these. An App developer will use the token for that application and write the app. When the application runs, it will do the api call via the api gateway. A precondition is that APIs should be published previously in this API store for consumption. This behavior would be called using managed APIs. In addition to this, an app can also have calls to other APIs which are not in this store. Details of these would be handled via properties of an app. such details would be API name, token (sandbox and production), url (one or many for sandbox and production), api authentications information such as consumer key and consumer secret, API token etc.. This is known as usage of unmanaged API. API cloud --------------- Very briefly, in this scenario each tenant will have store and a gateway. APIs will be created and published for either internal or external use and consumers would discover and use these APIs. In a single deployment the flow would be as follows. --------------------------------------------------------------------------- 1. Register tenant with tenant admin - turn on API and App clouds (have provision to turn on API cloud later) 2. Tenant admin adds users (of all types) 3. Some users are allocated the app owner role , a few the api publisher, etc.. 4. The user with api creator role logs in and creates APIs with visibility set only for app owners - these are internal APIs 5. A user who is an app owner logs in and creates an app, invites devs within tenant and subscribes to created APIs When we have the app cloud and the API cloud, then we come across the following complexities: --------------------------------------------------------------------------------------------------------------------------------------------- 1. Do we have one API store or two separate stores where one is only for app factory usage. This APIM will have reduced functionality. - external and internal APIs - if to have one store then, we will have to have unified application names (apps created in AF and apps created in APIM) and both AF and API cloud will have to check before creating an app. - ideal situation would be to have a similar appkey in both AF and APIM 2. Eventually the apps (services) created through app factory should be published as APIs via the API cloud 3. Apps and APIs would end up in an enterprise store Items to do: 1. Currently have two APIMs - one for the API cloud and the other for AF usage only (with internal APIs) 2. Have the facility in AF for apps to use unmanaged APIs as well - through property values in an app 3. Improve UI representation of APIs in AF -Need to show managed and unmanaged APIs separately -Need to have meaningful labels for API details 4. Work on getting a unified app name from AF and APIM fronts and evolve to a single store. @AF team and AM team, please add/correct if I have missed anything. Thank you, Shiro -- Shiroshica Kulatilake Architect, WSO2, Inc. http://wso2.com/ Phone: +94 776523867
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
