integrating wso2 identity server and api manager - wso2-api-manager

I want to integrate WSO2 Identity server and API manager together so that user authentication can be done by WSO2 Identity server and API level authorization can be done in the API Manager.I am using WSO2 identity server separately so that one day if i have to remove API Manager , authentication will work properly.
Can someone explain the workflow/architecture? Where should i keep the users , in the identity server or in the API Manager? I Would like to have the /oauth2/token token generation code to hit the Identity server .How can i achieve this?
Is there a cloud hosting for WSo2 Identity server.
Thanks

If you want to configure WSO2 IS as an keymanager all the detailed steps can be found in WSO2 doc https://docs.wso2.com/display/CLUSTER44x/Configuring+the+Identity+Server+5.2.0+as+a+Key+Manager+with+API+Manager+2.0.0

Related

how to handle backend credentional in wso2 api manager?

I am using wso2 apimanager 3.2.0 and I am going to design some rest service that use my backend service. this backend service has basic authentication, so how to invoke and handle it in apim?
You can define endpoint security when you are developing the API the Endpoints section of the API in the Publisher portal.
For more information, see documentation.

WSO2 JWT Authentication and Gateway grouping

I have been trying to configure WSO2 API manager as our API Gateway. I am facing below issues while configuring and testing.
Authorization of apis migrated to WSO2
Getting JSONObject["exp"] not found. when trying to access API with Token
Not sure about the client ID which has to be given for Authorization URL: https://localhost:8243/authorize
Is this URL: https://localhost:8243/authorize is the one we use for authenticate the APIs
Have used carbon for creating users, Service and Identity providers, Are they related to each other and how can we use it for the JWT authentication
Is this subscription means creating a user for using API?
How i can group multiple APIs into a microgateway
Please help me
Thanks

WSO2 Identity Server SCIM API Internationalization

We are using WSO2 Identity Server SCIM APIs for user management(i.e creating,listing,updating and authenticating users) in our application.We are also using WSO2 API Manager token API for fetching access token.Our application supports internationalization and we have to display error messages recieved as response from the above mentioned APIs in the localized language.
Does WSO2 support localization for these APIs? If so, is there any reference link to help with the implementation.
Currently WSO2 IS/APIM does not support API level localization. Only UI level localization[1] is supported.
[1] https://docs.wso2.com/display/AM210/Adding+Internationalization+and+Localization

Enable ws-security for proxy service

Currently we have enabled ws-security in wso2 esb using policy file and role based authorization using Active Directory.
We would like to transition some of these services to wso2 api manager and implement the same security model.
How do we secure these APIs (that are facing web service client and not the backend web service) using ws-security on api manager?
To secure the APIs on API manager you can follow this guide. It provides various methods that can secure the APIs. Further if you need to implement role based authorization to the APIs in API manager you can refer to this tutorial.
Hope this helps.

How to integrate google and facebook to API-M via Identity service at the same time?

My environment is :
wso2 API-M cluster and the Key manager is wso2 identity service.
What I wanna do is :
User can login via Google or Facebook account to API-M publisher and store.
My question is :
I know I have to create two identity provider for google and Facebook, and then create service provider for API-M publisher/store and identity providers.But I can't assign two issuer id in one ssoConfiguration in <AM_Home>/repository/deployment/server/jaggeryapps/publisher/site/conf/site.json
thanks
Tom
In the service provider setting
I can add the two service in the local&outbound authentication configuration.

Resources