如何以编程方式将用户添加到wso2密钥管理器？

Question

I'm using wso2 API Manager with the default key manager. I'm not using Identity Server (IS) in the setup.

I have read that Identity Server (IS) provides SCIM Apis to add users programmatically. Is it possible to do the same, without IS?

I would expect that 1) an application should be able to register a new user (with username and password) to Key Manager 2) the application should call the /token service in order to get the token, using username, password and Basic Authentication with the API key I have provided.

Answer 1

From your request I assume you are using WSO2 APIM (you may be specific in your questions)

I have read that Identity Server (IS) provides SCIM Apis to add users programmatically. Is it possible without IS?

As far I know the SCIM is provided by an identity server (short answer - no), but there are other options you may have to achieve your goals

I would expect that 1) an application should be able to register a new user (with username and password) to Key Manager

1. You could manage users with underlying userstore (LDAP, ...)
2. You can use Admin Services , see eg RemoteUserStoreManagerService (I'd recommend this option if you are using the build-in jdbc userstore)

2) the application should call the /token service in order to get the token, using username, password and Basic Authentication with the API key I have provided.

To get a user token with user credentials you may use OAuth2 password grant type .

IMHO - instead of sending application credentials as basic authentication I suggest to follow pure OAuth2 specification and send the application credentials as parameters (client_id, client_secret). WSO2 supports this option too and this way you stay more aligned to standards (supporting other products/services if needed).