Adding + Correcting some points
On Thu, Sep 5, 2013 at 5:55 PM, Shiroshica Kulatilake <[email protected]>wrote: > Hi, > > Following are the notes for the meeting on APIM story for AppFactory. > > API usage in AF > ------------------------ > What we have now is that app owners subscribe to APIs in the store which > is deployed with AF, get a token per app and the rest of app team uses > these. An App developer will use the token for that application and write > the app. When the application runs, it will do the api call via the api > gateway. A precondition is that APIs should be published previously in this > API store for consumption. This behavior would be called using managed APIs. > In addition to this, an app can also have calls to other APIs which are > not in this store. Details of these would be handled via properties of an > app. such details would be API name, token (sandbox and production), url > (one or many for sandbox and production), api authentications information > such as consumer key and consumer secret, API token etc.. This is known as > usage of unmanaged API. > The final decision was to implement a UI to fill these information. We would be having 2 UIs for OAuth (with the properties you have mentioned) and basic auth ( with username, password fields) > > > API cloud > --------------- > Very briefly, in this scenario each tenant will have store and a gateway. > APIs will be created and published for either internal or external use and > consumers would discover and use these APIs. > > > In a single deployment the flow would be as follows. > --------------------------------------------------------------------------- > 1. Register tenant with tenant admin - turn on API and App clouds (have > provision to turn on API cloud later) > And if person A comes and register wso2.com tenant domain for App cloud we should not allow person B to register wso2.com for API cloud coz A would need the domain > 2. Tenant admin adds users (of all types) > 3. Some users are allocated the app owner role , a few the api publisher, > etc.. > 4. The user with api publisher role logs in and creates APIs with > visibility set only for app owners - these are internal APIs > 5. A user who is an app owner logs in and creates an app, invites devs > within tenant and subscribes to created APIs > > > When we have the app cloud and the API cloud, then we come across the > following complexities: > > --------------------------------------------------------------------------------------------------------------------------------------------- > 1. Do we have one API store or two separate stores where one is only for > app factory usage. This APIM will have reduced functionality. - external > and internal APIs > - if to have one store then, we will have to have unified application > names (apps created in AF and apps created in APIM) and both AF and API > cloud will have to check before creating an app. > This is because the app created in App cloud should be able to published in API cloud > - ideal situation would be to have a similar appkey in both AF and APIM > 2. Eventually the apps (services) created through app factory should be > published as APIs via the API cloud > 3. Apps and APIs would end up in an enterprise store > > > Items to do: > 1. Currently have two APIMs - one for the API cloud and the other for AF > usage only (with internal APIs) > 2. Have the facility in AF for apps to use unmanaged APIs as well - > through property values in an app ( IIRC the final decision was to have a > set of UIs as I mentioned above) > 3. Improve UI representation of APIs in AF > -Need to show managed and unmanaged APIs separately > -Need to have meaningful labels for API details > 4. Work on getting a unified app name from AF and APIM fronts and evolve > to a single store. > > > @AF team and AM team, please add/correct if I have missed anything. > > Thank you, > Shiro > > -- > Shiroshica Kulatilake > > Architect, > WSO2, Inc. http://wso2.com/ > Phone: +94 776523867 > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Thanks & Regards, Ashansa Perera Software Engineer WSO2, Inc
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
