Features

These are some of the things wicked.haufe.io could do for you.


Leverage Kong as API Gateway

Use Mashape Kong to protect and proxy your backend APIs, securing them via API Keys or OAuth 2.0 Client Credentials flow.

Implement Rate Limiting

Using Mashape Kong's rich functionality, implement rate limiting for your APIs, wherever needed.

Full support of Kong's Plugins

Whatever Mashape Kong can do, you may configure it using the wicked Kickstarter application.

Authenticate with email and password

Let your users sign up with their email address and a password. Email addresses will be automatically validated by sending out verification emails.

Authenticate with ADFS and generic OAuth 2.0

Integrate the login process with your own ADFS 3.0 or generic OAuth2 identity provider.

Authentication with common Identity Providers

You may also configure authentication, both for the Portal and for your APIs, via SAML, GitHub, Google or Twitter out of the box.

Group based rights to APIs

Define custom user groups and assign those groups to users in order to limit access to specific APIs to specific groups. The Admin group can also be assigned.

Group based rights to custom content

The content section also supports group based access, e.g. to How-tos or tutorials.

Automatic group assignment

Users with a verified email address can be automatically assigned a user group, and ADFS groups may be mapped automatically to wicked user groups.

Subscription Plans

API definitions can be associated with subscription plans, which can carry additional settings, e.g. different rate limits for different users.

Application Concept

In order to subscribe to an API, a user needs to create an application (which is the client of the API); APIs are coupled with applications, not users.

Application Owner Roles

Applications can be shared among users, using different roles on the application: Admin/Owner, Collaborator and Reader.

Hand over Applications

By assigning Owner rights to an application to a different user, applications can be handed over to different developers/users without recreating them.

Easy API Gateway configuration

wicked makes it easier to configure the API Gateway correctly. The Kickstarter helps with configuring e.g. Rate Limiting or CORS.

Simple local development deployments

Using the wicked command line interface, trying out configuration changes or running the portal for development purposes is super simple.

API Key API Authentication

Out of the box, wicked enables fast securing of your API using API Key authentication.

Full OAuth 2.0 Support

Wicked comes with a default Authorization Server which supports federating any authentication method to OAuth 2.0.

Swagger UI integration

In order to view the APIs in more detail, wicked has integrated Swagger UI, with configurable direct access to the backend services.

Subscription Approval Workflow

API Plans can be configured to require approval of subscriptions; you will be sent an email with the approval request at a predefined email address.

Chatbot Integration

wicked can post interesting events (you decide which are interesting) to either a Rocket.Chat or a Slack Chat instance. Just register a Hook URL with Slack, and configure it for wicked.

Docker Deployment

The entire APIm solution is deployed using docker; everything runs in docker, enabling deployments to whatever infrastructure supports it.

Scaling of deployment

By leveraging the functionality of your chosen container orchestrator, the user-facing components of wicked (Portal, API, Authorization Server) can be deployed highly available.

Battle-proven API Gateway

Behind the scenes, wicked uses battle-proven, enterprise grade API Gateway KONG by Mashape. Open Source does not get much better than that.

Kubernetes Deployment

wicked runs very well on the Docker orchestration tool Kubernetes; the documentation contains recipes and best practices on running in Kubernetes, using Helm Charts.

Integrated User to Application Grant Management

The wicked Authorization Server keeps track of user scope grants to applications automatically. It also provides a way to review granted access.

Customizable styles for Portal and Authorization Server

The styling, colors and images can be customized to reflect your own corporate image.

Postgres storage backend

Wicked and Kong store all runtime configuration (applications, users) in the best open source database available, Postgres.

Pluggable databases for production environments

For production environments, configure wicked to use an existing Postgres instance. You can also use an external Redis instance (or the shipped one) for session handling and rate limiting.



For full documentation, head over to the GitHub repository of wicked.haufe.io.


© 2016-2018 Haufe-Lexware GmbH & Co. KG, www.haufe-lexware.com, www.haufe.de, www.lexware.de, www.haufe-akademie.de