
How to call/configure a secured API in WSO2 API Manager

I need to configure a set of APIs which are secured and use client credentials and password along with a client key and secret key. I also need to know how to track the users that are trying to access the API.

I tried by adding proxy mediators.

By default, an API that you create in WSO2 API Manager will have the security feature. You can secure the APIs with OAuth, which comes built into the application, or you can integrate WSO2 Identity Server to be used as the Identity Provider for WSO2 APIM. The link below shows how to create and publish APIs in API Manager: https://docs.wso2.com/display/AM250/Create+and+Publish+an+API

Once you are able to invoke the created API, you can check the usage of that API by checking the Analytics profile for it. You can have it integrated with the API Manager. The link below is useful for setting up the Analytics profile for APIM 2.5.0: https://docs.wso2.com/display/AM250/Configuring+APIM+Analytics/

Once Analytics is set up for APIM, you can use the DB to fetch the usage of the APIs.

To solve your query, this is how you should proceed.

You can add a custom sequence in the inflow of the API (you can do that from the API Publisher only, by editing the API): https://docs.wso2.com/display/AM260/Adding+Mediation+Extensions

The sequence code will be like below:

    <sequence xmlns="http://ws.apache.org/ns/synapse" name="custom-sequence_name">
        <!-- Transport-scope property: sent to the backend as an HTTP header
             named "accesstoken" carrying a fixed (static) token value. -->
        <property xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope"
                  xmlns:ns3="http://org.apache.synapse/xsd"
                  name="accesstoken"
                  value="put your token here"
                  scope="transport"
                  type="STRING"/>
    </sequence>

The one above is for a static backend token. For a dynamic token you can create a sequence accordingly.

This should solve your query :)

For dynamic, go here: How the external authentication handled in WSO2 APIM for an external/Third Party APIs

If your backend is OAuth secured, then you can use one of the following methods:

  1. Method-1

     The OAuth mediator, which can be used for generating OAuth 2.0 tokens and for calling backends that are secured with the OAuth 2.0 protocol. Refer this.

  2. Method-2

     Writing a mediation sequence which generates an access token for the backend and makes a connection to the OAuth 2.0 secured backend. Refer this blog.
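The logic a dynamic-token sequence like Method-2 has to carry out, written in Python rather than as a Synapse sequence (an added example, not code from the answers or from WSO2): request a token with the client key and secret, reuse it until shortly before it expires, and set it on the backend call. `BackendTokenProvider`, `fake_token_endpoint` and the URL in the usage are hypothetical names, and the token endpoint is a constructed stand-in so the block runs offline.

```python
import base64
import json
import time
import urllib.parse


class BackendTokenProvider:
    """Fetches and caches a client-credentials token for an OAuth 2.0 backend."""

    def __init__(self, token_url, client_key, client_secret, http_post,
                 skew=30, clock=time.time):
        self.token_url = token_url
        pair = f"{client_key}:{client_secret}".encode()
        self._basic = base64.b64encode(pair).decode()
        self._post = http_post   # callable(url, headers, body) -> response text
        self._skew = skew        # refresh this many seconds before expiry
        self._clock = clock
        self._token = None
        self._expires_at = 0.0

    def _fetch(self):
        headers = {
            "Authorization": f"Basic {self._basic}",
            "Content-Type": "application/x-www-form-urlencoded",
        }
        body = urllib.parse.urlencode({"grant_type": "client_credentials"})
        reply = json.loads(self._post(self.token_url, headers, body))
        if "access_token" not in reply:
            # Keep the reply out of the error text so it never lands in logs.
            raise RuntimeError("token endpoint returned no access_token")
        self._token = reply["access_token"]
        self._expires_at = self._clock() + float(reply.get("expires_in", 0))

    def authorization_header(self):
        """Header value to set on the request that goes to the backend."""
        if self._token is None or self._clock() >= self._expires_at - self._skew:
            self._fetch()
        return f"Bearer {self._token}"


def fake_token_endpoint(calls):
    """Constructed stand-in for the backend's token endpoint (no network)."""
    def post(url, headers, body):
        calls.append((url, headers, body))
        return json.dumps({"access_token": f"tok-{len(calls)}", "expires_in": 3600})
    return post
```

Unlike the static sequence, the key and secret are passed in at construction time, so they can come from a secret store instead of sitting in the sequence definition.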

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address. Any question please contact: yoyou2525@163.com.
