ADAMOS API Management
An application developed and operated on the ADAMOS IIoT Platform in most cases provides information, for example alarms or calculated KPIs indicating possible anomalies and malfunctions, through a web user interface. However, external consumers of the application (e.g. in an automation use case) might not be that much interested in a user interface, but rather an API which they can use to tie in the information provided by the application into their own application’s context. Therefore APIs become critical components of applications.
The ADAMOS API Management module delivers the capabilities required to create, manage, and offer such APIs.
The API Management module allows you to create both REST and SOAP APIs for applications part of your industry 4.0 IT landscape. Creating new APIs can be done from scratch or even more easily by importing Swagger or RAML definitions for REST APIs and WSDLs for SOAP APIs.
Once you have created your APIs you can configure API policies to implement non-functional requirements such as security, protocol transformation, routing and alike. Such policies address for example protocol transformations (e.g. SOAP to JMS), request routing (e.g. straight-through, content-based, load-balanced, context-based), authentication (e.g. Basic, SAML2 Token, WSS-Username Token, WSS X.509 Token, OAuth2 Token), request signing and encryption, and traffic management through API quotas and rate limits.
APIs can be enabled for monitoring to gain more insights about their availability and execution behavior. KPIs that are calculated for the collected data are for example the API availability, minimum, maximum, and average response time, success count, failure count, total count. You can also configure alert rules to notify API owners in case any of the service level agreements gets violated. Dashboards visualize both KPIs and alerts and provide easy to understand overviews of the API usage and behavior.
API Self-Service Portal
ADAMOS API Management features a self-service portal for developers and B2B partners for discovering and subscribing to APIs. Developers can test the SOAP and REST APIs for their various applications (tokens) and against different endpoints (sandbox, production, etc.) straight in the portal. Social collaboration features allow developers and API communities to exchange feedback about their API experience. Built-in portal analytics provide key information to understand and improve the usage of the API portal and answer questions as for example where API consumers are from, what the bounce rate is and which APIs are embraced the most.
The API Gateway provides several security features such as
protection against denial of service attacks,
message size based filter rules to evaluate and check the actual request size against configured request size Limits,
SQL injection protection filter rules to evaluate requests based on the OWASP Enterprise Security API,
anti-virus scanning rules to evaluate requests by interacting with an Internet Content Adaptation Protocol (ICAP)-compliant Server,
custom filter rules allowing you to invoke a custom web service to evaluate any request matching the custom filter definition.