This API Access model is designed to communicate one thing clearly: WISPGate is not just exposing APIs—it is controlling how every external system interacts with your operational core.
At the entry point, Clients represent all external consumers—web apps, mobile apps, partners, and internal tools. The key here is diversity: multiple actors, different trust levels, same controlled entry. Nothing talks directly to your core.
The first real gate is the Authentication Layer. This is not just about logging in—it’s about identity, scope, and control.
API keys, OAuth, and JWT tokens ensure that every request is authenticated, while rate limiting prevents abuse and enforces fairness across tenants. This layer answers the question: who are you, and what are you allowed to do?
Next comes the API Gateway, which is where most of the real discipline happens. It validates requests, enforces schemas, applies throttling, and logs everything.
This is your traffic controller—it doesn’t just pass requests, it shapes them. Bad requests die here. Good ones get routed precisely to the right module.
Behind that sits the WISPGate Core APIs, separated by domain: Billing, CRM, AAA/RADIUS, OSS/Inventory. This is critical.
You’re not exposing a monolithic API—you’re exposing structured, domain-driven interfaces that mirror how ISPs actually operate. Each module becomes independently consumable while still governed centrally.
On the outbound side, Webhooks & Events turn the system into a real-time, event-driven platform. Instead of forcing clients to poll for updates, WISPGate pushes events like billing changes, service activations, and notifications.
This shifts integrations from reactive to proactive—and that’s a big architectural upgrade most competitors don’t fully embrace.
If you look at the flow as a whole, it’s not just request → response. It’s:
The real message behind this model is:
WISPGate doesn’t just provide APIs—it enforces a secure, scalable, and predictable interaction layer between external systems and your entire OSS/BSS stack.
Explore how WISPGate’s API Access integrates with the broader ecosystem to deliver a fully connected platform.
Dive into the database structure, scalability, and security models that power the WISPGate core.