Features

These are some of the things wicked.haufe.io could do for you.


Leverage Kong as API Gateway

Use Mashape Kong to protect and proxy your backend APIs, securing them via API Keys or OAuth 2.0 Client Credentials flow.

Implement Rate Limiting

Using Mashape Kong's rich functionality, implement rate limiting for your APIs, wherever needed.

Full support of Kong's Plugins

Whatever Mashape Kong can do, you may configure it using the wicked Kickstarter application.

Authenticate with email and password

Let your users sign up with their email address and a password. Email addresses will be automatically validated by sending out verification emails.

Authenticate with ADFS and generic OAuth 2.0

Integrate the login process with your own ADFS 3.0 or generic OAuth2 identity provider.

Authentication with common Identity Proviers

You may also configure authenticating both for the Portal and for your APIs via GitHub, Google or Twitter out of the box.

Group based rights to APIs

Define custom user groups and assign those groups to users in order to limit access to specific APIs to specific groups. The Admin group can also be assigned.

Group based rights to custom content

The content section also supports group based access, e.g. to How-tos or tutorials.

Automatic group assignment

Users with a verified email address can be automatically assigned a user group, and ADFS groups may be mapped automatically to wicked user groups.

Subscription Plans

API definitions can be associated with subscription plans, which can carry additional settings, e.g. different rate limits for different users.

Application Concept

In order to subscribe to an API, a user needs to create an application (which is the client of the API); APIs are coupled with applications, not users.

Application Owner Roles

Applications can be shared among users, using different roles on the application: Admin/Owner, Collaborator and Reader.

Hand over Applications

By assigning Owner rights to an application to a different user, applications can be handed over to different developers/users without recreating them.

Easy API Gateway configuration

wicked makes it easier to configure the API Gateway correctly. The Kickstarter helps configuring e.g. Rate Limiting or CORS.

API Key API Authentication

Out of the box, wicked enables fast securing of your API using API Key authentication

Full OAuth 2.0 Support

Wicked comes with a default Authorization Server which supports federating any authentication method to OAuth 2.0

Swagger UI integration

In order to view the APIs in more detail, wicked has integrated Swagger UI, with configurable direct access to the backend services.

Subscription Approval Workflow

API Plans can be configured to require approval of subscription; you will be sent an email to a predefined email address to the approval request.

Chatbot Integration

wicked can post interesting events (you decide which are interesting) to either a Rocket.Chat or a Slack Chat instance. Just register a Hook URL with Slack, and configure it for wicked.

Docker Deployment

The entire APIm solution is deployed using docker; everything runs in docker, enabling deployments to whatever infrastructure supports it.

Scaling of deployment

By leveraging the functionality of your chosen container orchestrator, the user-facing components of wicked (Portal, API, Authorization Server can be deployed highly available

Battle-proven API Gateway

Behind the scenes, wicked uses battle-proven, enterprise grade API Gateway KONG by Mashape. Open Source does not get much better than that.

Kubernetes Deployment

wicked runs very well on the docker orchestration tool Kubernetes; the documentation contains recipes and best practices on running in Kubernetes, using Helm Charts

Integrated User to Application Grant Management

The wicked Authorization Server keeps track user scope grants to applications automatically. It also provides a way to review granted access.

Customizable styles for Portal and Authorization Server

The styling, colors and images can be customized to reflect your own corporate image.

Postgres storage backend

Wicked and Kong store all runtime configuration (applications, users) in the best open source database available, Postgres.

Pluggable databases for production environments

For production environments, configure wicked to use an existing Postgres instance. You can also use an external redis instance (or the shipped one) for session handling and rate limiting.



For full documentation, head over to the GitHub repository of wicked.haufe.io.

Back to top

© 2016-2018 Haufe-Lexware GmbH & Co. KG, www.haufe-lexware.com, www.haufe.de, www.lexware.de, www.haufe-akademie.de