API Versioning New version for an API can be created. Different versions of an API can be viewed and invoked

SOAP to REST transformation API Provider can enable some of the operations of SOAP service as REST endpoints. These operations can be invoked with different paths and the operation path can contain Path parameters that can be saved as templates and can be hierarchical. The operation can be invoked in a method other than POST

API export and import APIs in API Gateway can be exported and imported into a different API Gateway. This implies that the export archive for an API includes all the information to establish an API in the importing API Gateway.

Support Service Result Cache Service result of the first invocation is cached when the criteria defined in the policy is met. Subsequent requests are from cache and do not require to go to native service for every similar invocation.

Schema Validation Support Validates the incoming requests and responses against a schema referenced in the WSDL for SOAP APIs. For REST API, user should be able to validate incoming requests and responses against the specified schema.

API usage reports and dashboards Package-level and API-specific usage and utilization reports. API Gateway provides number widgets for package invocations and API invocations.

Archive purge and restore events data Administrators can archive and purge events data to a configured file location. The archived data is restored from the created archives.

Resources or Operation level policies Policies can be applied to one or more resources or operations and must be applied on an API always. Scope can be created with a collection of resources, methods or operations of an API and policies can be applied to the scope to apply to the specific operation or resources.

Global policies and policy templates Global Policy is a common policy that can be associated to multiple APIs based upon the criteria defined for the policy. Policy Template is a base template defined, which can be imported in multiple APIs.

SAML Authentication APIs can be applied with SAML authentication policies at Inbound and Outbound. Bearer and Holder of Key SAML subject confirmation are supported for SAML 1.0 and 2.0 versions.

Kerberos Authentication Kerberos authentication is supported at message and transport level for SOAP APIs and at transport level for REST APIs. APIs can be applied with Kerberos authentication policies at Inbound and Outbound.

XML Threat Protection Support API Gateway application should be resilient to attacks through XML payload. XML payloads sent through external port go through the XML threat protection filter when the rule is defined and enabled.

JSON Threat Protection Support API Gateway application should be resilient to attacks through JSON payload. JSON payloads sent through external port go through the JSON threat protection filter when the rule is defined and enabled.