We use proprietary and third party's cookies to improve your experience and our services, identifying your Internet Browsing preferences on our website; develop analytic activities and display advertising based on your preferences. If you keep browsing, you accept its use. You can get more information on our Cookie Policy
Cookies Policy
API Mediation Open Specification - FIWARE Forge Wiki

API Mediation Open Specification

From FIWARE Forge Wiki

Jump to: navigation, search



API Mediation Platform

The S3C API Mediation Platform (also called OSA -Open Services Access-) serves as a mediation platform between API providers (enablers) and API consumers (services): HTTP requests coming from the consumers are routed through the platform and forwarded to the providers.

This architecture brings several benefits:

* Decoupling between services and enabler platforms
* Single point of enforcement for various technical filters

API Mediation does not provide APIs: API mediation is only a tool that proxies, control access and verify quotas of the APIs provided by others.

Change History

This version of the Guide replaces and obsoletes all previous versions. The most recent changes are described in the table below:

Revision Date Changes Summary
April, 17, 2013 initial version
May 21 2013 Update after review
June 21 2013 Change the name and introduction to conform to the guidelines

How to Read This Document

All FI-WARE RESTful API specifications will follow the same list of conventions and will support certain common aspects. Please check Common aspects in FI-WARE Open Restful API Specifications.

Additional Resources

You can download the most current version of this document from the FIWARE API specification website at API Mediation Specification. For more details about the S3C GE that this API is based upon, please refer to FIWARE.I2ND.S3C Open Specification.

Legal Notice

Please check the following Legal Notice to understand the rights to use FI-WARE Open Specifications.


General Overview

Open Service Access (AKA OSA) is a Web Services gateway designed as a security element of your network, dedicated to WebService protection and publishing. It support:

  • Publish backends on different networks (default configuration allow up 2)
  • Ensure https encryption
  • Verify authentication with basic authentication
  • Check authorizations
  • Apply global quotas (per second, day and month) for a backend
  • Apply user quotas (per second, day and month) for a backend
  • Forward consumer identity to provider
  • Forward publishing endpoint to provider
  • Provide advance service usage logging to administrators.
  • REST Full compliant error management (for OSA errors)
  • Simple GUI to administrators


Admin GUI



The APIs exposed by OSA have to be strictly the same as those exposed by the enablers: HTTP is mandatory, but all protocols (SOAP, REST, HTTP GET, etc...) and formats (XML, JSON, binary, etc.) are possible. Consumers must rely on providers documentation to use the APIs. These providers the different API providers of the generic enablers of i2nd (and more generally Fi-Ware generic enablers). SIP APIs are not included

API exposition

Service exposed thought the API mediation can be a local or distant API re-exposition, if network configuration allows it. As far as the OSA is concerned, it’s a matter of backend URL configuration.

Error handling

Errors coming from the providers should be sent to the consumers with no alteration. Errors triggered by the OSA itself (DB access error, etc.) are formatted according to the ACCEPT header of the incoming HTTP request.

Software license

Open Source Access is released under the Apache license.

Personal tools
Create a book