crowhill

Reputation: 2558

Pass a Custom Authorization Token to the Backend

I am trying to send a custom token to an existing API via WSO2.

As in, I have a token for the backend API and I want it included in the header WSO2 sends to that API.

All Google queries appear to lead to this page. Unfortunately, those instructions assume WSO2 cloud, whereas I am using a local install.

Are there instructions on how to do this with a local install? Preferably without Eclipse? Even more preferably within the WSO2 GUI?

Thanks!

EDIT:

As per an answer below, I've made some progress. Going from here, I've added this bit of XML:

<?xml version="1.0" encoding="UTF-8"?>
<sequence xmlns="http://ws.apache.org/ns/synapse" name="default-endpoint-seq">
     <property name="Authorization" value="<valid token>" scope="transport"/>
</sequence>

and then added it to the "Message Mediation Policies" section under "inflow"


Sadly, I'm still getting forbidden. Seeing as I only have the dimmest idea what is going on here, that's probably not surprising.

[EDIT 3]

Cleaning up now that I have it working. The process above (and below) does work. Be sure to add "Bearer" to the XML...

<?xml version="1.0" encoding="UTF-8"?>
<sequence xmlns="http://ws.apache.org/ns/synapse" name="default-endpoint-seq">
     <property name="Authorization" value="Bearer <valid token>" scope="transport"/>
</sequence>

Upvotes: 0

Views: 595

Answers (1)

Bee

Reputation: 12513

There are 2 ways you can do this.

1) You can save the backend password in APIM itself. Refer to the docs below.

Set a password for a backend endpoint:

https://docs.wso2.com/display/AM210/Basic+Auth

https://docs.wso2.com/display/AM210/Digest+Auth

Encrypt that password:

https://docs.wso2.com/display/AM210/Encrypting+Secure+Endpoint+Passwords

2) You can send the backend token in the request itself and let APIM pass it to the backend. You can create a sequence like this and attach it to APIs.

<?xml version="1.0" encoding="UTF-8"?>
<sequence xmlns="http://ws.apache.org/ns/synapse" name="default-endpoint-seq">
     <property name="Authorization" expression="$trp:BackendToken" scope="transport"/>
</sequence>

Now, in your request, you need to send a header like this.

BackendToken: Bearer <Backend_Token>

Then, inside the sequence, it will be converted to the following and sent to the backend.

Authorization: Bearer <Backend_Token>

See the link below for more details.

https://docs.wso2.com/display/AM210/Adding+Mediation+Extensions

Upvotes: 2
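
An added example, not part of the original question or answer: a Python check that parses a mediation sequence like the ones above and reports how its Authorization transport property is populated, which catches the bare-token case that produced the "forbidden" response in the question. The function name, status labels and the token `abc123` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

SYNAPSE_NS = "{http://ws.apache.org/ns/synapse}"
# Schemes named on this page and in its linked docs (Bearer, Basic Auth, Digest Auth).
KNOWN_SCHEMES = ("bearer", "basic", "digest")


def check_authorization_property(sequence_xml):
    """Return a (status, detail) tuple for each Authorization property in the sequence."""
    findings = []
    for prop in ET.fromstring(sequence_xml).iter(SYNAPSE_NS + "property"):
        if prop.get("name", "").lower() != "authorization":
            continue
        if prop.get("scope") != "transport":
            # Only transport-scope properties are sent as HTTP headers.
            findings.append(("wrong-scope", "property is not scope=\"transport\""))
            continue
        expression, value = prop.get("expression"), prop.get("value")
        if expression is not None:
            findings.append(("from-request", "copied at runtime from " + expression))
        elif value is None or not value.strip():
            findings.append(("empty", "neither value nor expression is set"))
        else:
            parts = value.split(None, 1)
            if len(parts) == 2 and parts[0].lower() in KNOWN_SCHEMES:
                findings.append(("static-ok", parts[0] + " scheme present; token is stored in the sequence"))
            else:
                findings.append(("missing-scheme", "bare token with no scheme such as Bearer"))
    return findings


# Constructed samples. "abc123" stands in for the page's <valid token> placeholder,
# which has to be replaced before the file is well-formed XML.
TEMPLATE = ('<sequence xmlns="http://ws.apache.org/ns/synapse" name="default-endpoint-seq">'
            '<property name="Authorization" {attr} scope="transport"/></sequence>')
FIRST_ATTEMPT = TEMPLATE.format(attr='value="abc123"')          # question, first edit
WORKING = TEMPLATE.format(attr='value="Bearer abc123"')         # question, EDIT 3
FROM_HEADER = TEMPLATE.format(attr='expression="$trp:BackendToken"')  # answer, option 2

if __name__ == "__main__":
    for label, xml_text in (("first attempt", FIRST_ATTEMPT),
                            ("working", WORKING),
                            ("from header", FROM_HEADER)):
        print(label, check_authorization_property(xml_text))
```

The "static-ok" result also flags that the token lives in the sequence file itself, so anyone who can read the API's mediation policies can read the backend credential.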
