API Management

Design

Prototype APIs easily

Developers can choose from a wide range of tools to create API descriptions in OpenAPI format which is supported by OCI API Gateway.

OpenAPI support

Support for the widely recognized OpenAPI standard enables third-party developers to easily adopt your organization’s APIs.

Improve efficiency in the design process

With stock response API support via OCI API Gateway, an API description can be quickly prototyped and tested by development teams. Having early feedback can help the team eliminate risk in writing the code.

Update API code directly from the OCI console

You can use Code Editor to quickly edit API specifications directly within the OCI console. Code Editor comes with Git integration, automatic versioning, personalization, and built-in integration with OCI services.

API and app security

API security

Secure your APIs using JSON Web Tokens provided by Oracle Identity Cloud Service, Okta, Auth0, and other third-party identity providers. Create APIs that support cross-origin resource sharing (CORS) for web page interoperability.

Rate-limiting policies

Rate limiting for APIs can throttle traffic to back-end services, controlling exposure to the internet and protecting against denial-of-service attacks.

Web application

OpenID Connect is used as a common enforcement point for apps and APIs as well as a means to proxy authentication for applications unable to support the OpenID Connect flows directly.

Deploy APIs

Oracle-managed API front end

Oracle API Gateway is a highly available virtual network appliance that can receive API calls at scale and route them to OCI back-end services, such as load balancers, compute, Kubernetes, and serverless functions.

Deploy APIs privately or publicly

Based on their application’s requirements, API developers can restrict API access within a private network (a regional subnet) or enable API access from the internet.

Serverless APIs

Serverless APIs using OCI API Gateway and Oracle Functions can automatically scale up and scale down resources based on demand, eliminating infrastructure operations.

Track usage and monetize APIs

Create usage plans

API managers can create usage plans within API Gateway and define API access tiers. Usage plans and subscriptions can be shared with internal user groups and the external developer ecosystem.

Manage subscription

API managers can manage subscriptions and entitlements, enabling API consumers to subscribe to APIs.

Drive value from usage

API teams can monitor the traffic and analytics of their APIs based on the usage plan and subscriptions. This enables customers to analyze usage patterns as well as unlock new revenue streams by monetizing APIs.