Premier Certified Partner WSO2

Freedom only

At Yenlo we are happy fan of WSO2. We breathe open source. No licenses, no obligations, but FREEDOM and endless innovation. It’s in our motto: What you need is what you get. We use the open source integration platform to build the future of your business technology. You get complete middleware, not just a hub that deals with messages. And you get us, your main partner. Worldwide. No. 1. No kidding. Check.


WSO2 API manager is a complete solution for designing and publishing APIs, creating and managing a developer community, and for scalably routing API traffic. It leverages proven, production-ready integration, security, and governance components from the WSO2 Enterprise Service Bus, WSO2 Identity Server, and WSO2 Governance Registry. In addition, it leverages the WSO2 Data Analytics Server for analytics, giving you instant insight into APIs behavior.

As with all WSO2 products, the WSO2 API Manager is 100% open source, a true open source api management solution for everybody. Designed for easy customization, it is extensively pluggable to integrate with existing infrastructure in your enterprise. This module is also based on the WSO2 Carbon framework, so you can benefit for all default features of a Enterprise ready middleware platform.

Design and Prototype APIs:

  • Design APIs, gather developers' feedback before implementing (API First Design). Design can be done from the publishing interface or via importing an existing Swagger 2.0 definition
  • Deploy a prototyped API, provide early access to APIs, and get early feedback
  • Mock API implementation using JavaScript
  • Supports publishing SOAP, REST, JSON, and XML style services as APIs
  • Supports grouping of multiple APIs based on the version
  • A sample API to try-out for a hassle-free first experience

Publish and Govern API Use:

  • Publish APIs to external consumers and partners, as well as to internal users
  • Ability to publish APIs to a selected set of gateways in a multi-gateway environment
  • Support enforcement of corporate policies for actions like subscriptions, application creation, etc. via customizable workflows
  • Manage API visibility and restrict access to specific partners or customers
  • Manage API lifecycle from cradle to grave: create, publish, block, deprecate, and retire
  • Publish both production and sandbox keys for APIs to enable easy developer testing
  • Manage API versions and deployment status by version
  • One-click deployment to API gateway for immediate publishing
  • Support custom lifecycles leveraging WSO2 Governance Registry

Control Access and Enforce Security:

  • Apply security policies to APIs (authentication, authorization)
  • Rely on OAuth2 standard for API access (implicit, authorization code, client, SAML, IWA Grant Type)
  • Restrict API access tokens to domains/IPs
  • Supports plugging in third-party key servers for application registration, token generation & token validation apart from the WSO2 Key Manager
  • Block a subscription and restrict a complete application
  • Associate API available to system-defined service tiers
  • Encodes JWT with Base64 and Base64URL
  • Leverage XACML for entitlements management and fine-grain authorization
  • Configure Single Sign-On (SSO) using SAML 2.0 for easy integration with existing web apps

Create a Store of all Available APIs:

  • Graphical experience similar to popular applications stores
  • Browse and search APIs by provider, tags, or name
  • Provision API keys
  • Subscribe to APIs and manage subscriptions on per-application basis
  • Subscriptions can be at different service tiers based on expected usage levels
  • Try APIs directly from the storefront
  • Internationalization support
  • Common view of the store for users registered under same organization

Manage Developer Community:

  • Self-registration for developer community to subscribe to APIs
  • Developer interaction with APIs via forums, comments, and ratings
  • View API consumer analytics

Manage API Traffic:

  • API gateway can act as SSL termination point
  • Supports protocol transformation, data transformation, and API composition
  • Maps between HTTP(s) and other protocols, such as JMS or writing to file systems
  • Extremely high performance pass-through message routing with minimal latency
  • Enforces rate limiting and throttling policies for APIs by consumer
  • Throttling hard limit for API
  • Horizontally scalable with easy deployment into cluster using proven routing infrastructure
  • Supports up to 1300 TPS on a single node

Monitor and Monetize:

  • All API usage published to pluggable analytics framework
  • Out-of-the-box support for WSO2 Data Analytics Server and Google Analytics. Supports configuring WSO2 Data Analytics Server through a graphical interface.
  • Track consumer analytics per API, per API version, per tiers, and per consumer
  • Configurable payment schemes to monetize API usage
  • Monitor SLA compliance
  • Alerting, real-time dashboards
  • Publish your own events and create your own dashboards
  • OOB support for events based on throttling, faults, latency within and from WSO2 API Manager to target and approval/rejection of self-registration, subscription and app creation

Pluggable, Extensible, and Themeable:

  • All components are highly customizable through styling, theming, and code extensions
  • Storefront implemented with Jaggery/JavaScript ( for easy customization
  • REST API with an extensible security mechanism; OAuth 2.0 is used by default
  • Pluggable to third-party analytics systems and billing systems
  • Pluggable to existing user repositories including Microsoft Active Directory, LDAP, databases, or Apache Cassandra
  • Components usable separately: API store can be used to catalog APIs deployed in third-party gateways

Easily Deployable in Your Enterprise:

  • Role-based access control for managing users and their authorization levels
  • Storefront can be deployed in DMZ for external access with publisher inside the firewall for private control
  • Different user stores for developer-focused storefront and internal operations in publisher
  • Integrates with enterprise identity systems including LDAP and Microsoft Active Directory
  • Gateway can be deployed in DMZ with controlled access to WSO2 Identity Server (for authentication/authorization) and governance database behind firewall

WSO2 Platform Multi-tenancy Support:

  • Run a single instance and provide API management to multiple customers, each in their own domain
  • Share APIs between different departments in a large enterprise

Interested in becoming an WSO2 API manager or WSO2 expert? Follow one of our official WSO2 training courses.

White Paper API Next Level

Yenlo Blog

want to know more?
Brochure aanvragen
 Offerte aanvragen