API Exchange
The Application Programming Interface (API) Exchange offers a platform for application teams to configure, expose, and operate an API for consumption by identified users. The API Exchange enables customers to access and use those APIs to develop their own software applications and products, increasing productivity and reducing the amount of duplicative API development.
API Solution Overview
Offers a platform for application teams to host and operate an API for consumption by identified users. The API Exchange enables customers to access and use those APIs to develop their own software applications and products.
API Solution OverviewKey Capabilities
API Options:
- Supports SOAP and REST APIs; Message Mediation (supports JSON and XML Transformations).
- Capability Details: API Exchange supports multiple types of APIs (and API components) to support a greater audience.
Maturity:
API Security:
- Offers API key management, API authentication, API activity logging, and automation of security requirements.
- Capability Details: API Exchange provides secure authentication and access options for their providers via our secure gateway. This support is currently being provided directly by the API Exchange team, but in FY24 there is a target to grant API Providers direct access to the UI allowing them to manage and configure their APIs as needed.
Maturity:
API Analytics:
- API Analytics allows access for API Providers to reports on API performance and usage.
- Capability Details: Analytics is a dynamic reporting capability offered in WSO2 deployed for API Exchange Providers to access metrics about their APIs.
Maturity:
Rate Limiting:
- Protects API endpoints from harmful effects, such as denial of service, cascading failure, or overuse of resources.
- Capability Details: Customers can request an increase in limits for short term performance testing, etc. API Exchange monitors rate limiting as well and alerts Providers to excessive limits.
Maturity:
API Publisher:
- Allows the Provider to create and publish APIs within API Exchange.
- Capability Details: Create API proxy. API Exchange has implemented a custom API lifecycle to facilitate the adherence to API standards and GSA security requirements. Upon approval, Providers can publish their APIs, making them available to consumers.
Maturity:
Key Outcomes
Reduces IT costs
Using a pre-configured framework in a scaled, resilient, and secure environment eliminates redundancies, improves productivity, and minimizes the need for custom development and maintenance, ultimately leading to reduced IT costs.
Enables business agility
The API Exchange enables rapid integration, collaboration, and API innovation, empowering a flexible and agile foundation for business mission delivery.
Provides a secure environment
Leveraging robust security measures, the API Exchange ensures APIs and data are protected against unauthorized access, attacks, and vulnerabilities—enabling customers to maintain the integrity and availability of their systems.
Standardizes technology
A centralized reference point for APIs leads to a unified approach to API development, integration, and governance, helping to reduce licensing and labor costs and achieve consistency, interoperability, and reusability across systems.
Enables e-commerce
By providing seamless integration and scalability, customers are empowered to deliver enhanced e-commerce experiences while driving business growth.
API Profiles

API Provider
Throughout GSA, there are application teams hosting backend services. If an application team does what is necessary to utilze the API Exchange to proxy their backend service, that application team can now be described as an “API Provider '' within the API Exchange.

API Consumer
An API Consumer is an application team whose application utilizes an API through the API Exchange’s API gateway.

API Exchange Team
The API Exchange team supports a platform for Providers to expose and operate an API for consumption by Provider-approved consumers.
Become a API Provider
Any new Provider to API Exchange must go through a formal vetting process to determine needs, priority, and security fitness to host in FCS.
If interested, complete a New Feature Request in Jira Service Management and you will be contacted by the FCS team with next steps.
The Cloud Advisory Working Group (CAWG) will assess the requirements via the API Onboarding Questionnaire and then get back to you with a recommendation on the best solution and next steps.
Related Topics
A shortcut to related topics for FCS tenants!

Cloud Economics
Get a sense of the costs models you’ll encounter and value when moving to the cloud.

Cloud Plays
Cloud Plays are endorsed, referenceable, and consumable sources of guidance providing a path for implementing a specific solution.