Skip to main content

General Features

Deployment and Infrastructure

Running on Kubernetes, on-prem and cloud support, horizontal scalability, high availability

Data and Storage

Robust data infrastructure with MongoDB, Elasticsearch, Hazelcast, and automatic backup

Management and Access

RESTful Management API, multi-project/environment structure, dynamic role management

Connection Management

Support for 15+ different connection types: Database, LDAP, Message Queue, HTTP, FTP, and more

Security and Monitoring

Network segmentation, TLS/SSL, detailed audit logging, SIEM integration
  • Running on Kubernetes
  • Can be installed on on-prem or cloud (cloud) environments
  • All-in-One (Standalone), Distributed, and Clustered (HA) deployment models
  • Horizontal scalability
  • Running in cluster structure and high availability (%99.9+)
  • Automatic failover and load balancing
  • Zero-downtime updates (uninterrupted updates)
  • Creating and managing deployment, service, pod, etc. resources on-the-fly using Kubernetes APIs
  • Ability to manage Kubernetes cluster and track its metrics
  • Data replication with MongoDB Replica Set
  • Scalable log infrastructure with Elasticsearch
  • Distributed cache with Hazelcast distributed cache
  • Automatic backup and restore
  • Disaster recovery support
  • Transfer of log data to other environments via connectors (Syslog, Webhook, SIEM, Kafka, RabbitMQ, etc.)
  • Programmatic access with RESTful Management API
  • Management API documentation with OpenAPI/Swagger spec
  • Multi-project structure
  • Multi-environment structure
  • Multi and dynamic team structure
  • Dynamic role management
  • Environment Variables management (environment-based variable management)
  • Database Connections: Support for Oracle, MySQL, PostgreSQL, SQL Server, MongoDB, DB2
  • LDAP/Active Directory Connections: Integration with LDAP directory services
  • Message Queue Connections: Support for Kafka, RabbitMQ, ActiveMQ
  • HTTP/REST Connections: HTTP webhook and REST API connections
  • File Connections: FTP/SFTP connections
  • Email Connections: SMTP/IMAP connections
  • Elasticsearch Connections: Elasticsearch cluster connections
  • Syslog Connections: Log transfer with Syslog protocol
  • SNMP Connections: SNMP protocol support
  • Graylog Connections: Graylog GELF format support
  • Logback Connections: Logback logging integration
  • Linux Script Connections: Linux script execution support
  • Connection pool management (connection pooling)
  • Connection testing and validation
  • Environment-based connection management (with environment variables)
  • Secure credential management (encrypted storage)
  • Network segmentation (DMZ and LAN separation)
  • TLS/SSL termination
  • Detailed audit logging (recording all operations)
  • SIEM integration
  • Health monitoring and automatic recovery

API Proxy Features

Security

15+ authentication methods, encryption, signing, and security policies

Protocol Support

Support for HTTP/HTTPS, REST, SOAP, gRPC, WebSocket, and GraphQL

Traffic Management

Load balancing, circuit breaker, throttling, and quota management

Message Processing

JSON/XML transformation, script support, business rule, and content filter

Routing

Conditional routing, load balancing algorithms, connection pooling

Policies

Reusable, conditional, and hierarchical policy management
  • OAuth2 Authentication
  • OIDC Authentication
  • JWT Authentication
  • Plain-Text Authentication
  • Username/Password Authentication
  • Basic Authentication
  • Digest Authentication
  • mTLS Authentication
  • Backend API Authentication
  • SAML Validation
  • SSO integrations
  • Authentication and authorization with LDAP/Active Directory
  • Authentication and authorization with database
  • Authentication and authorization with custom API
  • Blocking access from specified client IPs (Blocked IP List)
  • Allowing access only from specified client IPs (Allowed IP List)
  • Predefined and/or customizable content filters (Content Filter)
  • Encryption/Decryption
  • Signing/Signature Verification (Digital Signature/Digital Signature Verification)
  • WS-Security
  • JOSE Validation (JSON Object Sign & Encryption Validation)
  • JOSE Implementation (JSON Object Sign & Encryption Implementation)
  • Role-based access control
  • Method/Endpoint-based access control
  • Identity and client role management
  • Identity-based throttling application
  • Identity-based quota application
  • Time Restriction (time-based access restriction)
  • Rate Limit Control List
  • Client Ban (client banning)
  • Address virtualization
  • Conditional routing
  • Load distribution by adding new addresses without stopping the system
  • Customizing timeout and retry counts
  • Enabling/disabling access by method/endpoint
  • Customizing error messages
  • API-based quota application
  • API-based throttling
  • Routing Status (enabling/disabling routing)
  • Conditional routing (condition-based routing)
  • Routing Algorithm (Round Robin, Least Recently Used, Weighted Round Robin)
  • Connection Settings (Connect Timeout, Read Timeout, Connection Request Timeout)
  • Redirect support (Enable Redirect, Enable Relative Redirects, Max Redirects)
  • Content Compression control
  • Retry Count and Failover Retry Count
  • Error Handling Type (Default, Custom)
  • Connection Pool Management
  • Hop-by-hop headers management
  • User Agent sending control
  • SSL/TLS Validation control
  • Circuit Breaker configuration
  • Proxy Server configuration
  • mTLS Settings (mutual TLS settings)
  • NTLM Settings (NTLM authentication settings)
  • Customize Error Messages (customizable error messages)
  • XML message transformation (XML Transformation)
  • JSON message transformation (JSON Transformation)
  • Script (any business logic can be implemented with Groovy or JavaScript)
  • Business Rule (business rule application)
  • Content Filter (content filtering)
  • API Call (a 3rd party API can be called during the flow and its result can be included in the flow)
  • HTTP/HTTPS: HTTP/1.1, HTTP/2, TLS/SSL termination
  • REST: Full REST support, HATEOAS, Content negotiation, Versioning
  • SOAP: SOAP 1.1 and SOAP 1.2, WSDL support, WS-Security, WS-Addressing, WS-ReliableMessaging
  • gRPC: Protocol Buffers, Unary RPC, Server/Client/Bidirectional streaming, gRPC-Web support
  • WebSocket: RFC 6455 compliant, Full-duplex communication, Binary and text frame support, WSS (Secure WebSocket)
  • GraphQL: Full support (with reverse proxy, query, mutation, and subscription support)
  • OpenAPI/Swagger: Support for OpenAPI 3.0.x and Swagger 2.x
  • WSDL: WSDL import and generation, SOAP service definitions
  • Protocol Buffers (proto): proto file support, gRPC service definitions
  • API Spec Management: Spec creation, import/export, conversion to different formats
  • Protocol Conversion: SOAP to REST, creating OpenAPI spec from WSDL, REST to gRPC
  • Message length control (Min Message Size, Max Message Size)
  • JSON Schema Validation
  • XML Schema Validation
  • Ability to call external APIs and use their responses if desired
  • Ability to intervene in flow and message contents with JavaScript or Groovy code
  • Opening SOAP service as REST
  • Creating Mock API and returning responses conditionally
  • Creating Mirror API (Returns incoming request as response)
  • Reverse Proxy support (routing to backend without definition file)
  • Version management, ability to run different versions of the same API simultaneously in different environments
  • API grouping and opening access from a single address if desired
  • Ability to enrich and edit request/response messages
  • Ability to customize responses according to client identity (redaction)
  • Customizable and detailed response error code and error message management
  • CORS settings
  • Cache usage
  • Ability to import/export projects
  • Defining test cases
  • Creating test suites
  • Storing and rerunning test execution history
  • Customizable and detailed logging
  • Full-text search capability in log records
  • Customization of data to be stored and protection of sensitive data
  • Encryption of sensitive data
  • Reusable policy settings
  • Generalizable or API-specific policies
  • Ability to import/export policies
  • Ability to apply policies at API Group → API → Method/Endpoint level
  • Conditional execution (conditional policy execution)
  • Conditional routing (applying policies according to routing conditions)
  • Ability to temporarily enable/disable any policy or all policies with a single click

API Creator Features

DB-2-API

Opening REST API from database, SQL, Stored Procedure, and Batch operation support

Script-2-API

Opening JavaScript/Groovy code as endpoint

Mock API

Opening REST API by designing through UI, conditional response return
  • Ability to write SQL and open as endpoint
  • Ability to call Stored Procedure
  • Ability to return cursor result
  • Ability to perform batch operations
  • Ability to define endpoints accessing different databases from the same API
  • Ability to open JavaScript code as endpoint
  • Ability to open Groovy code as endpoint
  • Ability to use, update, or delete message parts within code
  • Mimicking real data
  • Returning different responses conditionally on the same endpoint

API Monitor Features

Uptime Monitor

Continuous monitoring of APIs, creating monitors from test cases, multiple validation rules

Anomaly Detector

Abnormal situation detection through log analysis, EMA and Bollinger Bands usage

Alert Mechanisms

Threshold-based alarms, multiple trigger types, automatic action triggering
  • Continuously monitoring that APIs are up and running correctly
  • Ability to create monitors from test cases
  • Ability to create multiple monitors for one endpoint
  • Ability to define multiple validation rules for one monitor
  • Ability to add multiple actions (email, API call, database operation, or custom task chains, etc.) for one monitor
  • Detecting abnormal situations by analyzing time-based data in log records
  • Metric value control (threshold value exceedance)
  • Metric increase/decrease rate control
  • Usage of Bollinger Bands with EMA
  • Query/Filter rate control
  • Automatic action triggering when anomaly is detected
  • Automatic alarm creation when determined threshold values are exceeded
  • Multiple trigger types (Application Logs Count, Elasticsearch metrics, etc.)
  • Scheduled alarm checks (Cron expression)
  • Multiple actions when alarm is triggered (email, webhook, API call, database operation, etc.)
  • Alarm history and reporting

API Analytics Features

Dashboard and Visualization

Performance metrics, real-time monitoring, comparative analysis

Performance Monitoring

API, endpoint, client, and IP-based traffic analysis, trend analysis

Reporting

Ready-made reports, customized reports, automatic reporting

Query and Analysis

Elasticsearch queries, full-text search, anomaly detector

Tracing

Step-by-step monitoring, trace management, timeline and tree views

Data Management

Log settings, Elasticsearch integration, failover support
  • Various performance metrics (traffic, response time, error rate)
  • Flexible time range selection
  • Comparative analysis
  • Real-time traffic monitoring and live metric viewing
  • Ability to monitor API performance
  • Method/endpoint-based performance monitoring
  • Client-based traffic analysis
  • IP-based traffic and security analysis
  • Performing trend analysis over time
  • Response times, throughput, and latency metrics
  • Viewing overall system status with ready-made reports
  • API Traffic (Over Time) reports
  • Endpoint Traffic & Time Metrics reports
  • Client Traffic & Time Metrics reports
  • IP Traffic & Time Metrics reports
  • Creating custom reports with report generator
  • Defining customized queries
  • Detailed log queries on Elasticsearch
  • Full-text search capability
  • Advanced filtering and querying
  • Catching abnormal situations with Anomaly Detector
  • Ability to define custom audit definitions
  • Ability to monitor API calls step-by-step
  • Trace initiation and management
  • Policy-based execution monitoring
  • Request/response examination
  • Performance analysis
  • Timeline and Tree views
  • Environment-based log settings
  • Logging control by message regions (Header, Body, Parameter)
  • Log sending by integration targets
  • Ability to send logs to multiple targets (multiple log targets)
  • Failover support in log sending
  • Transferring unsent API traffic logs

API Integrator Features

Task Flow Builder

Visual workflow designer, drag-and-drop interface, integration without writing code

Connectors

15+ different connectors: Database, Message Queue, HTTP, File, Email, and more

Automation and Scheduling

Scheduled tasks, Cron expression, event-based triggering

Exposing as API

Ability to open task chains as REST API, HTTP method support
  • Designing integration scenarios without writing code with visual workflow designer
  • Creating task flows with drag-and-drop interface
  • Connector connections
  • Loop and iteration support
  • Data transformation (JSON ↔ XML, Data mapping, Field transformation)
  • Error management (Try-catch blocks, Retry mechanism, Fallback strategies)
  • Database Connector: SQL execution, Stored procedure calling
  • Message Queue Connectors: Support for Kafka, RabbitMQ, ActiveMQ
  • HTTP/REST Connector: HTTP calls, REST API calls, Webhook
  • File Connectors: FTP/SFTP, File system operations
  • Email Connector: Sending email with SMTP/IMAP
  • Elasticsearch Connector: Search queries and logging
  • Script Connector: Custom logic with JavaScript/Groovy
  • Notification Connectors: Notification, SNMP support
  • Ability to open connectors as API
  • Automating task chains
  • Automatic execution at specific times with scheduled tasks (schedule)
  • Cron expression support
  • Event-based triggering
  • Ability to execute multiple actions when task chains fail
  • Email sending, API calling, database operation, or custom task chains
  • Ability to open task chains as REST API
  • Step-by-step viewing of each task’s execution and log records
  • Successful, failed, ongoing, and total operation statistics
  • User-friendly graphical views
  • Real-time monitoring with Task Flow monitor

Developer API Portal Features

API Product Management

Packaging APIs as products, categorizing, and publishing

Self-Service

User registration management, organization management, profile management

API Key Management

Secure credential management, rotation, application-based API keys

Pricing

Free, Subscription, Metered, and Tiered plans, API monetization

Documentation

OpenAPI/Swagger documentation, code examples, usage guides

Test Tools

Try It console, JSONPath/XPath testing, JWT decode, JSON Schema creation

Analytics

API usage statistics, traffic analysis, dashboards and reports

Support

Support packages, SLA levels, Jira integration, collaboration environment

Customization

Customizable theme, multi-language support, email notifications
  • Packaging, categorizing, and publishing your APIs as products
  • Different visibility levels (Public, Private, Authorized Organizations)
  • Packaging API Proxies or Proxy Groups as products
  • Automatic OpenAPI/Swagger integration
  • Documentation and file management
  • Self-Service registration (developers creating their own accounts)
  • Automatic or manual approval processes
  • Profile management
  • Password management and security
  • Organization-based access control and visibility management
  • Organization administrators
  • Users creating Application (API Group) for themselves by subscribing to API products
  • Creating as many API keys as desired for Application (API Group)
  • Secure credential creation, rotation, and management
  • Application-based API keys
  • API Product subscriptions
  • Application-based usage monitoring
  • Free, Subscription, Metered, and Tiered plans
  • Flexible pricing for API monetization
  • Defining and managing pricing plans
  • Automatic OpenAPI/Swagger documentation
  • Custom documentation pages
  • Code examples and usage guides
  • Testing APIs through the portal
  • Try It console
  • JSONPath testing
  • XPath testing
  • XML/JSON transformation tools
  • Base64 encode/decode
  • JWT decode
  • JSON Schema creation
  • API usage statistics
  • Traffic analysis and performance metrics
  • Dashboards and reports
  • Users’ ability to examine their own usage details
  • Support packages (SLA levels, support channels)
  • Support request management
  • Jira integration
  • Collaboration environment for users to find/answer questions
  • Customizable theme (logo, colors, fonts, HTML content)
  • Multi-language support (Turkish and English)
  • Multi-language content management
  • Email notifications (automatic email templates, registration, approval, rejection, and notification emails)
  • Working integrated with Apinizer
  • Can also be used independently

API Identity Provider Features

OAuth2 & OIDC

OAuth2 protocol-compliant token generation, OpenID Connect support

JWT Token

JWT token creation, validation, renewal, and management

Token Flows

Client Credentials Flow, Resource Owner Password Credentials Flow support

Security

Token signing and validation, secure token-based authentication

Access Control

Defining general or specific permissions for API Proxies with Access Control List

Rate Limiting

Endpoint-based request limit management with Rate Limit Control List

IP Management

Defining IP Groups and associating with credentials

Lifecycle

Credential and access expiration times, environment-based customization
  • OAuth2 protocol-compliant token generation
  • JWT token creation and validation
  • Token renewal and management
  • Client Credentials Flow support
  • Resource Owner Password Credentials Flow support
  • OpenID Connect (OIDC) support
  • Token signing and validation
  • Secure token-based authentication and authorization solutions
  • Defining general or specific permissions for API Proxies
  • Credential-based access control
  • Endpoint-based authorization
  • Environment-based ACL configuration
  • Generally defining how many requests credentials can make to which endpoints
  • Endpoint-based rate limit management
  • Time-based limit definition
  • Environment-based RLCL configuration
  • Setting credential expiration times
  • Configuring access expiration times
  • Automatic expiration management
  • Environment-based expiration settings
  • IP Groups definition and management
  • Associating IP Groups with credentials
  • IP-based access control
  • Environment-based IP Groups configuration

API Lifecycle Management Platform Features

Project and Environment Management

Multi-project structure, Development/Test/Production environments, import/export

Team and Role Management

Dynamic team structure, dynamic role management, collaboration environment

Version and Deployment

API version management, deployment versioning, rollback feature

CI/CD Integration

CI/CD pipeline, GitLab/Jira integration, DevOps practices

Certificate Management

Certificate and Private Key management, Keystore, JWKS configuration

Scheduled Jobs

Scheduled jobs management, Anomaly Detector, Uptime Monitor, Alert Jobs
  • Project-based organization with multi-project structure
  • Creating and managing Development, Test, Sandbox, and Production environments
  • Import/export of projects, API Proxies, and policies
  • Collaboration environment with multi and dynamic team structure
  • Dynamic role management and authorization
  • Working collaboratively by taking on different roles
  • Managing API versions and running them simultaneously in different environments
  • Deployment and undeployment operations of API Proxies
  • Deployment versioning and rollback feature
  • CI/CD pipeline integration
  • GitLab integration
  • Jira integration
  • DevOps practices support
  • API Development Lifecycle environment parallel to SDLC (Software Development Life Cycle) processes
  • Managing and documenting API metadata
  • Operating API lifecycle steps such as requirement definition, documentation, design, development, testing, deployment, versioning, monitoring, analysis, reporting, publishing through portal, and pricing
  • Certificate management (upload, installation, expiration tracking, renewal reminders, chain validation)
  • Private Key management
  • Keystore management
  • JWKS (JSON Web Keypair Sets) configuration
  • Certificate and key import/export
  • Viewing and managing scheduled jobs
  • Starting, pausing, resuming, and stopping jobs
  • Anomaly Detector Job management
  • Uptime Monitor Job management
  • Alert Job management
  • Report Configuration Job management
  • Task Flow Manager Job management
  • Project-based and system-level job management

What is Apinizer?

Learn what Apinizer is and its product family

Industry Benefits

Discover the benefits Apinizer provides for different industries

Role-Based Benefits

Discover the benefits Apinizer provides for different roles

Technical Architecture

Learn about Apinizer’s technical architecture

Quick Start

Create your first API Proxy