Description

Introduction

In today’s API-driven integration landscape, managing, securing, and monitoring APIs is as critical as building them. WebMethods API Gateway provides a centralized platform to expose, secure, monitor, and govern APIs across enterprise and partner ecosystems.

This training introduces the core concepts, architecture, and capabilities of WebMethods API Gateway. Participants will learn how to publish APIs, apply security and traffic management policies, manage API lifecycles, and monitor API usage using dashboards and analytics. The course focuses on foundational knowledge and hands-on understanding required to work effectively with API Gateway in real-world enterprise integration scenarios.

Prerequisites

1. Mandatory
   1. Basic understanding of APIs (REST and SOAP)
   2. Familiarity with HTTP/HTTPS concepts
   3. Basic knowledge of webMethods Integration Server (recommended)
2. Recommended (but not required)
   1. Experience with webMethods Designer
   2. Understanding of SOA or microservices concepts
   3. Basic security concepts (authentication, authorization)

Table of Contents

Module 1: API Management Overview

1. What is API Management?
2. API Lifecycle and Governance
3. Role of API Gateway in Enterprise Integration
4. WebMethods API Gateway vs Integration Server

Module 2: WebMethods API Gateway Architecture

1. Core Components of API Gateway
2. API Gateway Runtime and Data Store
3. Interaction with Integration Server
4. Deployment Topologies
5. High Availability and Scalability Overview

Module 3: Getting Started with WebMethods API Gateway

1. API Gateway User Interfaces
   1. API Gateway UI
   2. Developer Portal
2. Navigation and Key Features
3. User Roles and Access Control

Module 4: API Creation and Publishing

1. API Types Supported (REST, SOAP)
2. Creating APIs from:
   1. Existing Integration Server Services
   2. OpenAPI / Swagger Definitions
3. API Versioning Concepts
4. API Lifecycle States (Draft, Active, Deprecated)

Module 5: API Security Fundamentals

1. API Authentication Mechanisms
2. API Key
   1. OAuth 2.0 Overview
   2. Basic Authentication
3. Authorization and Scope Management
4. SSL and HTTPS Configuration
5. Best Practices for API Security

Module 6: Traffic Management and Policies

1. Understanding API Policies
2. Rate Limiting and Throttling
3. Quotas and Usage Limits
4. IP Filtering and Threat Protection
5. Applying and Managing Policies

Module 7: API Monitoring and Analytics

1. API Runtime Monitoring
2. Metrics and Performance Indicators
3. Error and Fault Analysis
4. Dashboard Overview
5. Logs and Troubleshooting Basics

Module 8: Developer Portal Fundamentals

1. Purpose of the Developer Portal
2. Publishing APIs to the Portal
3. Application Registration
4. Subscription and Access Approval Flow
5. Developer Experience Best Practices

Module 9: API Lifecycle Management

1. Version Management Strategies
2. Deprecation and Retirement
3. Promoting APIs Across Environments
4. Governance and Compliance Basics

Module 10: Best Practices and Next Steps

1. API Design Best Practices
2. Security and Performance Guidelines
3. Common Mistakes to Avoid
4. When to Use API Gateway vs Integration Server
5. Learning Path: Advanced API Gateway Topics