Apiman logo

Extensible Open Source API Management

Apiman makes managing your APIs easy.

With just a few clicks you can get Apiman running, putting a platform at your fingertips that covers the whole API Management lifecycle. Whether you want to offer existing APIs to external consumers in a secure way, or have a centralised location to discover and govern APIs, Apiman has you covered.

But that's not all. Apiman is designed to be easy to customise, and you can implement your own functionality by writing simple Java plugins.

The latest stable Apiman version is 3.0.0.Final, released on 29th Nov 2022.

Just a few of Apiman's features

Real Open Source

Permissively licensed under Apache License, 2.0.

No artificial limitations or restrictions.

No features hidden behind paywalls.

No lock-in.

Govern Your APIs

Flexible, policy-based runtime governance for your APIs.

Offer the same API through multiple plans, allowing different levels of service to different API consumers.

Insight into your traffic with support for a wide array of metrics stores & analytics.

Rich Management Layer

A full REST API, Apiman Manager UI, and standalone Apiman Developer Portal.

Apiman Manager has a breadth and depth of features spanning the API Management Lifecycle: multi-tenancy, events, notifications, permissions, approvals, and so much more.

Extensible & Flexible

A comprehensive plugin system that allows developers to easily create, test, and deploy custom policies and components.

That means you can extend Apiman to do almost anything you need with some simple Java code.

Refer to our developer's guide for more.

Key API Management Use Cases

Covers a range of classic API Management use cases, and so much more.

  • Throttling & Quotas: Limit the number of requests consumers of your APIs can make within a given time period (per API contract or per end-user).
  • Centralised Security: Add authentication and IP filtering capabilities in a central location, freeing your back-end APIs to focus on functionality.
  • Billing & Metrics: Easily get metrics for all your APIs so you can see what's popular or charge your consumers for their usage.

Run Anywhere, At Scale

There are no limitations on where or how you can run Apiman.

Whether you need to run on air-gapped bare metal or in the cloud, Apiman has been deployed to run critical API Management workloads.

Apiman Gateways are decoupled from the Apiman Manager, so even if a manager goes down, your gateways continue running.

The latest from the Apiman Blog

Leaping forwards with Apiman 3

I’m delighted to announce that I have released Apiman 3.0.0.Final.

This is one of the most significant releases in Apiman’s history, with a considerable number of new features and behind-the-scenes improvements.

There is also a new Docker Compose distribution that makes Apiman easier than ever to try out; please give it a go and let us know your thoughts.

Oh, and I’ve created a completely new Jekyll-based website for Apiman that will help me better automate releases — I hope you like it!

apiman, release

Apiman 2.2.0.Final has been released (updates Keycloak to 15.1.1 & WildFly to 23.0.2.Final)

Happy Holidays, Apiman fans!

I’ve released Apiman 2.2.0.Final to upgrade Keycloak to 15.1.1 and WildFly to 23.0.2.Final. This is primarily because of another significant security vulnerability that has been disclosed in those platforms.

apiman, release

Apiman 2.1.5.Final has been released - please update if you’re on an old version

Hi, Apiman fans!

I hope you’re all well, and Season’s Greetings to those of you who celebrate Christmas 🎄.

I’d like to remind Apiman users to consider updating to Apiman 2.1.5 promptly, as it contains fixes for the now well-known log4j2 bugs.

apiman, release

Get Involved

Discussions

A place to discuss all things Apiman.

We'd particularly like to hear your success stories and how you use Apiman in the wild.

Found an Issue?

If you find a problem with Apiman, please open a ticket on Apiman's GitHub Issues bug tracker.

Apiman Developer Portal

Apiman's standalone developer portal UI, written in modern Angular. This is an easy place to get started if you want to contribute.

Twitter

Assuming Twitter still exists by the time you read this, you can follow the Apiman team at @apiman_io.

Apiman Plugins

Curated repository of policy plugins for Apiman. Helpful as examples if you want to develop your own.

Migration Guide

If you're moving to a new version of Apiman, please refer to our migration guide before upgrading.

Code of Conduct

Apiman's code of conduct for contributors. Basically, be nice. Adhere to the golden rule, and you won't go far wrong.

Security Reporting Policy

You find a security issue and wish to responsibly report it, you can find who to contact here.