Reputation: 2558
I am trying to send a custom token to an existing API via WSO2.
As in, I have a token for the backend API and I want it included in the header WSO2 sends to that API.
All google queries appear to lead to this page. Unfortunately, those instructions assume WSO2 cloud, where I am using a local install.
Are there instructions on how to do this with a local install? Preferably without Eclipse? Even more preferably within the WSO2 GUI?
Thanks!
EDIT:
As per an answer below, I've made some progress. Going from here, I've added this bit of xml
<?xml version="1.0" encoding="UTF-8"?>
<sequence xmlns="http://ws.apache.org/ns/synapse" name="default-endpoint-seq">
<property name="Authorization" value="<valid token>" scope="transport"/>
</sequence>
and then added it to the "Message Mediation Policies" section under "inflow"
Sadly, I'm still getting forbidden. Seeing as I only have the dimmest idea what is going on here, that's probably not surprising.
[EDIT 3]
Cleaning up now that I have it working. The process above (and below) does work. Be sure to add "Bearer" to the xml...
<?xml version="1.0" encoding="UTF-8"?>
<sequence xmlns="http://ws.apache.org/ns/synapse" name="default-endpoint-seq">
<property name="Authorization" value="Bearer <valid token>" scope="transport"/>
</sequence>
Upvotes: 0
Views: 595
Reputation: 12513
There are 2 ways you can do this.
1) You can save backend password, in APIM itself. Refer below docs.
Set a password for a backend endpoint:
https://docs.wso2.com/display/AM210/Basic+Auth https://docs.wso2.com/display/AM210/Digest+Auth
Encrypt that password:
https://docs.wso2.com/display/AM210/Encrypting+Secure+Endpoint+Passwords
2) You can send the backend token in the request itself and let APIM pass it to the backend. You can create a sequence like this and attach to APIs.
<?xml version="1.0" encoding="UTF-8"?>
<sequence xmlns="http://ws.apache.org/ns/synapse" name="default-endpoint-seq">
<property name="Authorization" expression="$trp:BackendToken" scope="transport"/>
</sequence>
Now, in your request, you need to send a header like this.
BackendToken: Bearer <Backend_Token>
Then it will be converted to below, inside the sequence and sent to the backend.
Authorization: Bearer <Backend_Token>
See below link for more details.
https://docs.wso2.com/display/AM210/Adding+Mediation+Extensions
Upvotes: 2