I am generating JWT token from WSOAM which is then passed as a header to API. I have my API created in nodejs and I am using jsonwebtoken plugin to verify and decode the JWT. I am unable to find R...

I would like to understand the difference between grant_type=client_credentials and grant_type=password in Authentication or in OAuth2 Flow concept. I am following below sites: http://help.atavist...

I am using WSO2 API Manager version 1.9.1. In this tool, I publish my sample project (i.e., proxied) and subscribe that project to get consumer key and secret. This tool also gives me CURL command ...

curl -X GET --header 'Accept: application/json' --header 'Authorization: Bearer 90d2c018-73d1-324b-b121-a162cf870ac0' 'https://172.17.0.1:8243/V1.0.2/stock/getNA?name=te' The terminal prompted &...

How can I disable HTTPS for WSO2 Api Manager (admin/gw/other components)? We want to SSL-terminate on our front load-balancers - and not on the end WSO2-products. If I visit port 9763 I'll get redi...

This error is being printed in the WSO2 API Manager wso2carbon.log.. sun.security.ssl.SSLSocketFactoryImpl.createSocket(SSLSocketFactoryImpl.java:88) at org.wso2.carbon.databridge.agent.endpoint....

Is it possible in WSO2 API Manager, or maybe is it on the roadmap, to publish an async API, for example in Kafka, and manage it like other sync API with spec (Async API spec), security, analytics, ...

I am using wso2 api manager 3.0 and unable to make any changes in api-manager.xml, whatever changes, I made those get reverted after the restart of server. I tried it from changing the off-set port...

I made the whole configuration of this link: https://docs.wso2.com/display/AM210/Configuring+WSO2+Identity+Server+as+a+Key+Manager and now I get this error when I make a request for my API: &lt...

Is it possible to remove security for some specific requests in my api list using WSO2 API manager version 3. For example, I have following requests /customer - post /products - get /customer/ad...

What is the recommended way for validating that a JWT was issued by a specific API Manager instance in a case where the backend web service lives on a separate server and needs to be certain that a...

I have an API configured in WSO2 API Manager that allows multiple different OAuth 2.0 grant types (client credentials and openid). My API requires a different behavior depending on whether ...

I follow many links on stackoverflow and tried many solutions, but none of them worked for me. I'm using WSO2 API manager version 1.9.1. I am facing following error: Exception in thread "main" jav...

I have launched WSO2 API Manager locally. I'm trying to add API endpoint with https connecttion. It shows me that kind of error. It shows me Invalid. unable to find valid certification path to ...

I'm trying to do something that seemed simple but ends up being difficult because I lack the expertise. I have an APIM deployed with no customisation security-wise (don't worry, it's not productio...

I have configured wso2 identity server as a key manager for wso2 api manager using the following link.1 I have created the api through wso2 api manager publisher.And i have given auth type as Appl...

Both of the WSO2 API manager and its backend API server(on Azure) are using OAuth2. They all use the same header as follow: WSO2 API manager Authorization: Bearer 72135e9f1dc96201949351261284d...

I'm currently developing an application in Jaggery which I deploy on their API manager. From the Jaggery back end I'm calling a SOAP webservice using the method documented here, which specifies: ...

I need to pass Authorization Header from API Manager (WSO2) to my Service Bus Aplication (Oracle). I saw in another post that I cant do that, because API will validate the token against the key ma...

I'd like to enable CORS on my WSO2 API Manager instance for all endpoints. I've been through the documentation (which is great) and it suggests altering the repository/conf/api-manager.xml file as...

I have an API that requires the tenant as a header. If I create a custom in-sequence: <sequence name="WSO2AM--Ext--In"> <header name="X-Tenant-Id" scope="transport" action="set" exp...

I have apimanger v1.5.0. It authorize request by access_token and forward to backend. Backend need enduser name for processing request. I do not want add JWT-headers to request because that insecur...

I have a working system with ESB (non-WSO2 product) already. I'm now trying to integrateWSO2 API Manager into my working system for 3rd party developer. Is it possible to replace WSO2 ESB in API Ma...