- Design APIs, gather developer's feedback before implementing (API First Design).
- Design can be done from the publishing interface or by importing an existing Swagger definition.
- Deploy a prototyped API, provide early access to APIs, and get early feedback.
- Mock API implementation using Javascript.
- Support publishing SOAP, REST, JSON, and XML style services as XML. 

- Graphical experience similar to Android Marketplace or Apple App Store.
- Browse APIs by provider, tags, or name.
- Self-registration to developer community to subscribe to APIs.
- Subscribe to APIs and manage subscriptions on per-application basis.
- Subscriptions can be at different service tiers based on the expected usage levels.
- Role based access to API Developer Portal, which helps to manage public and private APIs.
- Manage subscriptions per-developer.
- Browse API documentation, download helpers for easy consumption.
- Comment on and rate APIs.
- Forum for discussing API usage issues (Available soon in a future version).
- Try APIs directly on the Developer Portal.
- Internationalization (i18n) support. 

- Publish APIs to external consumers and partners, as well as internal users.
- Supports publishing multiple protocols including SOAP, REST, JSON, and XML style services as APIs.
- Manage API versions and deployment status by version.
- Govern the API lifecycle (publish, deprecate, retire).
- Attach documentation (files, external URLs) to APIs.
- Provision and Manage API keys.
- Track consumers per API.
- One-click deployment to API Gateway for immediate publishing.

- Apply Security policies to APIs (authentication and authorization).
- Rely on OAuth2 standard for API access (implicit, authorization code, client, SAML, IWA Grant type).
- Restrict API access tokens to domains/IPs.
- Block a subscription and restrict a complete application.
- Associate API available to system defined service tiers.
- Leverage XACML for entitlements management and fine grained authorization.
- Configure Single Sign-On (SSO) using SAML 2.0 for easy integration with existing web apps.
- Powered by WSO2 Enterprise Service Bus (WSO2 ESB).

- Supports API authentication with OAuth2.
- Extremely high performance pass-through message routing with sub-millisecond latency.
- Enforce rate limiting and throttling policies for APIs by consumer.
- Horizontally scalable with easy deployment into cluster using proven routing infrastructure.
- Scales to millions of developers/users.
- Capture all statistics and push to pluggable analytics system.
- Configure API routing policies with capabilities of WSO2 Enterprise Service Bus.
- Powered by WSO2 Enterprise Service Bus.            

- Self-sign up for API consumption.
- Manage user account including resetting password.
- Developer interaction with APIs via comments and ratings.
- Support for developer communication via forums (Available soon in a future version).
- Powered by WSO2 Identity Server (WSO2 IS).

- Manage API lifecycle from cradle to grave: create, publish, block, deprecate, and retire.
- Publish both production and sandbox keys for APIs to enable easy developer testing.
- Publish APIs to partner networks such as ProgrammableWeb (Available soon in a future version).
- Powered by WSO2 Governance Registry (WSO2 G-Reg).

- All API usage published to pluggable analytics framework.
- Out-of-the-box support for the WSO2 Analytics Platform and Google Analytics.
- View metrics by user, API, and more.
- Customized reporting via plugging reporting engines.
- Monitor SLA compliance.
- Powered by WSO2 Data Analytics Server (WSO2 DAS).      

- All components are highly customizable through styling, theming, and open source code.
- Developer Portal implemented with React.
- Pluggable to third-party analytics systems and billing systems (Available soon in a future version).
- Pluggable to existing user stores including JDBC and LDAP.
- Components usable separately. 
- Developer Portal can be used to front APIs that are routed through third-party gateways such as, Intel Expressway Service Gateway.
- Support for Single Sign On (SSO) using SAML 2.0 for easy integration with existing web apps.

- Role based access control (RBAC) for managing users and their authorization levels.
- Developer Portal can be deployed in DMZ for external access with the Publisher inside the firewall for private control.
- Different user stores for developer focused Developer Portal and internal operations in the publisher.
- Integrates with enterprise identity systems including LDAP and Microsoft Active Directory.
- Gateway can be deployed in DMZ with controlled access to WSO2 Identity Server (for authentication/authorization) and governance database behind a firewall.

- Run a single instance and provide API Management to multiple customers.
- Share APIs between different departments in a large enterprise.

- Document an API using Swagger.
- Restrict API access tokens to domains/IPs.
- Ability to block a subscription and restricting a complete application.
- Ability to revoke access tokens.
- Separate validity period configuration for application access token.
- OAuth2 authorization code grant type support.
- Configuring execution point of mediation extensions.

- Improved dashboard for monitoring usage statistics (Filtering data for a date range, More visually appealing widgets).