WSO2 api manager with keycloak auth server
Question
I am about to configure the "WSO2 API Manager", but since I have been using Keycloak as SSO server in my old applications, I would like to know if it is possible to use keycloak SSO as authentication server for "WSO2 API Manager"?
Thanks in advance!
2 answers
solution1
1 2017-03-20 09:44:33
Yes, its possible with a third-party Key Manager. See https://docs.wso2.com/display/AM200/Configuring+a+Third-Party+Key+Manager .
I have implemented this for OpenID Connect token support. I don't think there is an out-of-the-box solution yet.
The custom code to be written must handle two major situations:
- In API Store each created application must be linked to a Keycloak client. Therefore the application name and consumer key on API Store side must correspond to the clientId on Keycloak. The client secret from Keycloak must be retrieved to go into the corresponding consumer key in API Store.
- The key validation in the API Manager Key Manager module must be executed as token introspection request to Keycloak.
solution2
0 2016-12-08 10:49:52
You can configure SSO[1] for API Manager store and publisher with any SSO IDP. Also you can use third party keymanager[2]
[1] https://docs.wso2.com/display/AM200/Configuring+Single+Sign-on+with+SAML2
[2] https://docs.wso2.com/display/AM190/Configuring+a+Third-Party+Key+Manager
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.