at Financial Technnology Year
This content is provided by FinTechBenchmarker.com who are responsible for the content. Please contact them if you have any questions.
Apigee from Google Cloud
API management platform with advanced security, developer portal, analytics, monetization features, and specific capabilities for banking such as Open Banking compliance, PSD2 support, and financial-grade API security.
Product analysis by function
API Management for IT and Infrastructure
Systems for developing, managing, securing, and monitoring APIs that connect banking systems internally and with external partners.
More API Management
More IT and Infrastructure ...
API Security
(12 Yes /12 Known /13 Possible features)
|
OAuth 2.0 Support Ability to use OAuth 2.0 protocol for secure authorization. |
Apigee documentation confirms OAuth 2.0 support for API security. | |
|
API Key Management Supports creation, issuance, and life-cycle management of API keys. |
API keys are natively managed within Apigee. | |
|
IP Whitelisting/Blacklisting Enable or restrict API access based on user IP addresses. |
Supports IP whitelisting/blacklisting through its API security policies. | |
|
Rate Limiting Limits the number of requests a client can make to avoid abuse. |
Rate limiting is configurable at multiple scopes (product, API, etc.). | |
|
Throttling Ability to control bandwidth and request frequency. |
Request throttling can be set via API product configuration. | |
|
Data Encryption Supports encryption of data in transit and at rest (e.g., TLS, HTTPS). |
Apigee supports TLS/HTTPS for encryption in transit, and provides options for at-rest encryption. | |
|
JWT (JSON Web Token) Validation Capability to validate JWTs for API access management. |
JSON Web Token (JWT) validation is available via policies. | |
|
Audit Trails Tracks and stores all API access and activity logs for compliance and debugging. |
Audit trail/logging is supported for API calls and admin activity. | |
|
DDoS Protection Protection mechanisms against Distributed Denial of Service attacks. |
Documentation and marketing reference DDoS protections as part of built-in GCP security. | |
|
Mutual TLS (mTLS) Supports mutual TLS authentication to secure API connections. |
Apigee supports mutual TLS policies for client authentication. | |
|
Access Control Lists (ACLs) Ability to define detailed access permissions for API consumers. |
Access Control Lists (ACLs) and fine-grained access can be configured. | |
|
Security Patch Management Automated updates for emerging threats and vulnerabilities. |
No information available | |
|
Regulatory Compliance Certifications Supports and maintains compliance (e.g., PCI DSS, PSD2, GDPR) for financial data and operations. |
Supports and documents compliance for PCI DSS, PSD2, and Open Banking (GDPR is available via privacy controls). |
API Gateway Functionality
(10 Yes /10 Known /11 Possible features)
|
Request Routing Routes incoming API requests to appropriate backend services. |
Request routing configuration is fundamental to Apigee's API gateway role. | |
|
API Aggregation Combines multiple API calls into a single request/response. |
Supports API aggregation and composing multiple backend calls. | |
|
Caching Caches API responses to reduce backend load and latency. |
Response caching is a documented feature. | |
|
Load Balancing Distributes incoming API traffic among multiple backends. |
Load balancing (via Google Cloud Load Balancer integration) is supported for scalable traffic distribution. | |
|
Protocol Transformation Converts between different protocols (e.g., REST, SOAP, gRPC). |
Supports protocol transformation (e.g., SOAP to REST) with policies. | |
|
Content-Based Routing Routes requests based on content type or header values. |
Routes requests based on content (header/payload) using policies. | |
|
URL Rewriting Ability to rewrite request URLs on the fly for routing efficiency. |
URL rewriting is available through flow and pre/post-processing policies. | |
|
Failover Support Automatic rerouting of traffic in case of backend failure. |
Failover and redundancy features available through deployment on managed Google infrastructure. | |
|
Timeout Configuration Customizable timeouts for upstream requests. |
Timeouts are configurable on both upstream and downstream sides. | |
|
API Mocking Ability to simulate API responses during development and testing. |
Mocking API responses is available for testing and development. | |
|
Advanced Traffic Shaping Customizable traffic shaping rules for granular control. |
No information available |
Developer Experience
(11 Yes /11 Known /11 Possible features)
|
Interactive API Documentation Auto-generated documentation with try-it-out features (e.g., Swagger, OpenAPI). |
Interactive API documentation via integrated developer portal using OpenAPI/Swagger. | |
|
API Sandbox Environment Safe, limited test environment for developer experimentation. |
API sandbox environments available for developer testing. | |
|
Self-Service Portal Portal for onboarding, documentation access, and API key management. |
Self-service portal supported out-of-the-box for onboarding and key management. | |
|
SDK Generation Automated creation of SDKs in multiple languages for developers. |
SDK generation supported for various platforms via developer portal features. | |
|
Code Samples Includes quick-start code samples for faster developer onboarding. |
Code samples are included in auto-generated or custom API documentation. | |
|
Comprehensive Error Codes Clear and consistent error messages with codes and explanations. |
Detailed error codes and descriptions supported. | |
|
Change Log Communication Automated notifications on API updates and version changes. |
API change log and update notifications are built into the platform. | |
|
API Subscription Management Supports subscription plans for API access levels. |
API subscription management and monetization supported as core capabilities. | |
|
End-to-End Testing Tools Supports thorough testing across API endpoints. |
End-to-end and regression testing tools are integrated into the management console. | |
|
API Usage Analytics for Developers Provides developers with real-time metrics for their API usage. |
Real-time usage analytics for developers are provided in the developer portal. | |
|
Support Ticketing Integration Integrated support system for technical queries and issues. |
Support/ticketing integration available for developers via the portal or integrations. |
Monitoring and Analytics
(8 Yes /8 Known /11 Possible features)
|
Real-Time Traffic Monitoring Provides live data on API usage metrics and performance. |
Traffic and usage monitoring is a main platform feature, visible on dashboards. | |
|
Request Latency Tracking Measures and reports time taken to process API requests. |
No information available | |
|
Error Rate Monitoring Tracks percentage of API requests resulting in errors. |
No information available | |
|
Health Checks Automated and on-demand status checks for API endpoints. |
Health checks are configurable for backend and endpoint monitoring. | |
|
Custom Dashboards User-configurable dashboards for monitoring APIs. |
Custom dashboards available for monitoring and analytics via management UI. | |
|
Historical Data Retention Duration for retaining historical API usage and performance data. |
No information available | |
|
Integration with External Monitoring Tools Supports integration with platforms like Splunk, Grafana, Datadog. |
Integrates with platforms like Splunk and Datadog via export and webhooks. | |
|
Alert Notification System Sends alerts for threshold breaches and downtime. |
Alerting/notification is supported for operational incidents and analytics events. | |
|
Log Export and Archival Export logs for long-term storage and regulatory compliance. |
Log export and archiving supported for compliance and integration with SIEM tools. | |
|
Anomaly Detection Automatic detection of unusual API behavior. |
Anomaly detection features are referenced as part of analytics suite. | |
|
SLAs and Uptime Reporting Service Level Agreement and uptime tracking for each API. |
SLAs and uptime reporting are core parts of the platform's operational guarantees. |
Integration and Interoperability
(9 Yes /9 Known /11 Possible features)
|
Support for Multiple API Protocols REST, SOAP, WebSockets, gRPC compatibility. |
Supports REST, SOAP, WebSockets through adapters, and partial gRPC. | |
|
Enterprise Service Bus Integration Compatible with ESB solutions for orchestration and mediation. |
No information available | |
|
Legacy System Connectors Connects easily with mainframes and legacy banking systems. |
Documentation refers to legacy system connectors for banking use. | |
|
Third-party Integration Marketplace Pre-built integrations with common fintech and regtech services. |
Marketplace and prebuilt integrations available for fintech/regtech services. | |
|
Event Streaming Support Supports event-driven architectures (e.g., Kafka, MQ). |
Event streaming supported (Pub/Sub) and via GCP integrations. | |
|
API Orchestration Capability Orchestrates multiple APIs and business processes. |
Supports orchestration across multiple APIs and backends. | |
|
Standard Data Format Support Understands and processes JSON, XML, CSV, and more. |
Handles JSON, XML, CSV and other common data formats in policies. | |
|
Multi-Cloud Support Deployable on different cloud platforms and hybrid architectures. |
Available on GCP, hybrid, and multi-cloud (AWS/Azure) deployment models. | |
|
Service Discovery Integration Integrates with service registries (e.g., Consul). |
Supports integration with service registries for dynamic endpoint discovery. | |
|
API Versioning Manages and routes multiple versions of APIs seamlessly. |
API versioning managed via products and environments. | |
|
BPM/Workflow Engine Integration Interoperates with business process management tools. |
No information available |
Scalability and Performance
(8 Yes /8 Known /10 Possible features)
|
Horizontal Scalability Ability to add nodes and balance load automatically. |
Supports horizontal scaling as a managed cloud platform. | |
|
High Availability Architecture Redundant components and failover to maximize uptime. |
High-availability is a guarantee of Google-managed infrastructure. | |
|
Throughput Capacity Total number of API requests handled per second. |
No information available | |
|
Load Testing Tools Includes tools for stress and performance testing APIs. |
Load and performance testing tools are available via Apigee or easy integration. | |
|
Auto-Scaling Policies Automatic scaling based on real-time demand. |
Auto-scaling supported when deployed on GCP and in hybrid models. | |
|
Geo-Distributed Deployments Supports deployments across multiple geographic locations. |
Geo-distributed deployments are possible via multi-region GCP. | |
|
Low Latency Processing Optimized to minimize request/response latency. |
Apigee is optimized for low-latency API processing, performance documented. | |
|
Concurrent Connection Limits Maximum number of simultaneous client connections supported. |
No information available | |
|
Session Persistence Ability to maintain session/state across distributed systems. |
Session persistence for distributed processing is mentioned for large-scale APIs. | |
|
Fast Failover and Recovery Quickly re-routes traffic on failure for uninterrupted service. |
Fast failover built-in via managed and redundant infrastructure. |
API Lifecycle Management
(8 Yes /8 Known /9 Possible features)
|
API Design Tools User-friendly tools for designing APIs (specifications, linting, etc). |
API design tools available in the Apigee platform and portal. | |
|
Automated Deployment Pipelines CI/CD pipelines for consistent API release processes. |
CI/CD, automated deployment and integration pipelines are supported and documented. | |
|
Version Control Tracks changes and rollbacks for API definitions and implementations. |
Supports source repositories for API definition version control. | |
|
Lifecycle Stages Tracking Defines and manages API states: development, testing, production, deprecated. |
Management of API lifecycle stages is a feature of the admin console. | |
|
Deprecation and Sunset Policy Enforcement Controlled migration paths and communication for deprecated APIs. |
Deprecation and sunset policy management supported in API lifecycle management tools. | |
|
Change Management Logging Monitors changes and notifies stakeholders. |
Change management and audit logging built in to the administration console. | |
|
Automated Testing Integration Integrates with automated test frameworks. |
Integration with automated testing frameworks is available. | |
|
Approval Workflows Multi-step approval for API publishing or promotion. |
No information available | |
|
Rollback Mechanism Quickly revert to previous stable versions. |
Rollback possible through version management and deployment controls. |
Regulatory and Compliance
(9 Yes /9 Known /9 Possible features)
|
Audit Logging Comprehensive, immutable records of every API activity. |
Comprehensive API activity and audit logs are a core compliance feature. | |
|
Privacy Controls Strict controls for personal and sensitive data processing. |
Privacy controls are available, supporting GDPR and other frameworks. | |
|
GDPR Compliance Supports mechanisms for data rights and protection under GDPR. |
GDPR support is documented and marketed for financial and EU clients. | |
|
PCI DSS Support Meets requirements for processing and storing payment card data. |
Apigee references PCI DSS compliance in materials for payment card use cases. | |
|
PSD2/Open Banking Readiness Supports open banking standards and frameworks. |
Specific support for PSD2 and Open Banking API standards is available. | |
|
Consent Management Tracks and enforces customer consent for data sharing. |
Consent management tools are referenced for Open Banking and GDPR compliance. | |
|
Data Residency Controls Enforces policies on where data can be physically stored. |
Data residency controls supported via regional deployments on GCP. | |
|
Retention & Deletion Policies Automates retention and deletion per regulatory timelines. |
Automated retention and deletion policies are available for compliance. | |
|
Automated Compliance Reporting Generates reports to demonstrate compliance. |
Automated reporting for compliance is a marketed feature for regulatory users. |
User and Access Management
(5 Yes /5 Known /9 Possible features)
|
Role-Based Access Control (RBAC) Granular user permissions based on assigned roles. |
RBAC and fine-grained permission management are provided. | |
|
Single Sign-On (SSO) Integration with enterprise authentication solutions. |
SSO integrations available for enterprise users (SAML, Google, etc). | |
|
Multi-Factor Authentication (MFA) Enforces strong two-factor user verification. |
Multi-factor authentication is available for admin and developer portal access. | |
|
User Provisioning Automation Automated creation, update, and deactivation of user accounts. |
No information available | |
|
Delegated Administration Allows specific user groups to manage access. |
No information available | |
|
Session Management Controls and monitors user session durations and activity. |
Session management controls exposed for user and API consumers. | |
|
Access Review and Recertification Periodic verification of user access rights. |
No information available | |
|
External User Federation Allows federated login for third-party or partner users. |
Supports federation and social/enterprise identity providers. | |
|
Entitlement Management Assign and manage granular entitlements to users. |
No information available |
Operational and Maintenance Features
(8 Yes /8 Known /8 Possible features)
|
Zero-Downtime Upgrades Ability to patch or upgrade system components without impacting users. |
Zero-downtime upgrades possible in managed service model. | |
|
Automated Backups Schedules and manages regular backups. |
Automated scheduled backups are a documented feature. | |
|
Disaster Recovery Support Failover and restore processes for high system resilience. |
Disaster recovery/restore detailed in Apigee/Google Cloud operations docs. | |
|
Rollback Capabilities Quick reversion to previous system states after failed changes. |
Rollback capabilities for failed upgrades/test failures via version control. | |
|
Remote Management API API for managing infrastructure remotely. |
APIs for remote platform management are accessible. | |
|
Automated Configuration Management Tools for managing configuration drifts and automating changes. |
Automated configuration and drift management features are referenced. | |
|
Self-Healing Mechanisms Automated corrective actions for detected failures. |
Self-healing (automatic restart of failed nodes) available on managed service. | |
|
Maintenance Window Scheduling Automated notifications and controls for system maintenance. |
Maintenance window scheduling, with notifications to users, is available. |
Cost Management and Optimization
(6 Yes /6 Known /8 Possible features)
|
Usage-Based Billing Support Cost tracking for internal/external API use, supporting chargebacks. |
Usage-based billing and chargeback support are monetization features. | |
|
Quota Management Enables the enforcement of usage quotas for users/applications. |
Quota and usage enforcement via API product configuration. | |
|
Cost Analytics and Forecasting Provides insights and trends in API-related expenses. |
Analytics and cost forecasting dashboards and reports available. | |
|
Budget Alerting Sends notifications if API usage approaches or exceeds budget. |
Budget alerting can be set for platform/API usage spend. | |
|
Resource Optimization Recommendations Suggests ways to optimize API and infrastructure usage. |
Resource optimization recommendations are available as part of usage analytics. | |
|
Granular Cost Allocation Assigns costs to departments, projects, or teams. |
No information available | |
|
License Management Tracks feature/component licensing and compliance with agreements. |
No information available | |
|
Pay-as-you-go Support Ability to implement flexible pricing models based on real usage. |
Pay-as-you-go and flexible usage billing referenced on pricing and monetization docs. |
API Management Platforms for IT and Infrastructure
Software for creating, publishing, maintaining, and monitoring APIs that connect different systems within the brokerage and with external partners and clients.
More API Management Platforms
More IT and Infrastructure ...
Sorry, no analysis is avaiable for API Management Platforms
This data was generated by an AI system. Please check
with the supplier. While you are talking to them, remind them that they need
to update their entry.