I have been trying to configure WSO2 API manager as our API Gateway. I am facing below issues while configuring and testing.
Authorization of apis migrated to WSO2
Getting JSONObject["exp"] not found. when trying to access API with Token
Not sure about the client ID which has to be given for Authorization URL: https://localhost:8243/authorize
Is this URL: https://localhost:8243/authorize is the one we use for authenticate the APIs
Have used carbon for creating users, Service and Identity providers, Are they related to each other and how can we use it for the JWT authentication
Is this subscription means creating a user for using API?
How i can group multiple APIs into a microgateway
Please help me
Thanks
Related
I am using wso2 apimanager 3.2.0 and I am going to design some rest service that use my backend service. this backend service has basic authentication, so how to invoke and handle it in apim?
You can define endpoint security when you are developing the API the Endpoints section of the API in the Publisher portal.
For more information, see documentation.
We are using WSO2 Identity Server SCIM APIs for user management(i.e creating,listing,updating and authenticating users) in our application.We are also using WSO2 API Manager token API for fetching access token.Our application supports internationalization and we have to display error messages recieved as response from the above mentioned APIs in the localized language.
Does WSO2 support localization for these APIs? If so, is there any reference link to help with the implementation.
Currently WSO2 IS/APIM does not support API level localization. Only UI level localization[1] is supported.
[1] https://docs.wso2.com/display/AM210/Adding+Internationalization+and+Localization
I want to integrate WSO2 Identity server and API manager together so that user authentication can be done by WSO2 Identity server and API level authorization can be done in the API Manager.I am using WSO2 identity server separately so that one day if i have to remove API Manager , authentication will work properly.
Can someone explain the workflow/architecture? Where should i keep the users , in the identity server or in the API Manager? I Would like to have the /oauth2/token token generation code to hit the Identity server .How can i achieve this?
Is there a cloud hosting for WSo2 Identity server.
Thanks
If you want to configure WSO2 IS as an keymanager all the detailed steps can be found in WSO2 doc https://docs.wso2.com/display/CLUSTER44x/Configuring+the+Identity+Server+5.2.0+as+a+Key+Manager+with+API+Manager+2.0.0
Currently we have enabled ws-security in wso2 esb using policy file and role based authorization using Active Directory.
We would like to transition some of these services to wso2 api manager and implement the same security model.
How do we secure these APIs (that are facing web service client and not the backend web service) using ws-security on api manager?
To secure the APIs on API manager you can follow this guide. It provides various methods that can secure the APIs. Further if you need to implement role based authorization to the APIs in API manager you can refer to this tutorial.
Hope this helps.
How can I pass the access token created on an OpenIdConnect Federated IDP to the developer application?
Currently, the federated access token doesn't get passed through the API Manager and the API Manager generates a new access token for the application.
You won't be able to plug in an external IDP and generate access tokens using an out-of-the-box API Manager. But you can implement a custom keymanager implementation and plug external third party keymanager to API manager and then use that tokens. See Configuring a Third-Party Key Manager in the product documentation regarding this. It has a sample where "Surf OAuth Authorization Server" is use as the key manager. You will be able to implement similar thing for your scenario.
following are some good posts related to this feature.
https://amilasnotes.wordpress.com/2015/06/20/customizing-key-validation-flow/
https://amilasnotes.wordpress.com/2015/05/19/integrating-with-a-third-party-oauth-provider-overview/
https://amilasnotes.wordpress.com/2015/06/07/provisioning-oauth-clients-created-out-of-band/