Reputation: 298
How to set up an endpoint security using wso2 api manager rest apis (NOT Publisher web portal)
I am using wso2 apim 4.0.0. I would like to create and publish an api. According to the documentation, besides publisher web portal, one can do this by using rest api. I think, to fulfill this task followings should be done:
- Create the api by using https://{apimhost}/api/am/publisher/v2/apis
- Create a revision for the api using https://{apimhost}/api/am/publisher/v2/apis/{apiId}/revisions
- Deploy the revision using https://{apimhost}/api/am/publisher/v2/apis/{apiId}/deploy-revision
- Publish the api using https://{apimhost}/api/am/publisher/v2/apis/change-lifecycle
There might be situations where endpoints are secured. Let's say it is secured with basic auth. One can easily set this up on publisher web portal using endpoint security configurations as depicted below:
The question is how I can set up security parameters endpoints using publisher(or another) rest api? Is there any api to specify security parameters for endpoints?
Upvotes: 0
Views: 281
Answers (1)
Reputation: 2218
Adding Endpoint Security configurations can be achieved via the WSO2 API Manager Publisher REST API by introducing the endpoint_security block to the API creation request body as defined below
...
"endpointConfig": {
"endpoint_type": "http",
"sandbox_endpoints": {
"url": "http://backendurl"
},
"production_endpoints": {
"url": "http://backendurl"
},
"endpoint_security": {
"sandbox": {
"password": null,
"tokenUrl": null,
"clientId": null,
"clientSecret": null,
"customParameters": {},
"type": null,
"grantType": null,
"enabled": false,
"username": null
},
"production": {
"password": null,
"tokenUrl": "http://tokenendpoint",
"clientId": "clientID",
"clientSecret": "clientSecret",
"customParameters": {},
"type": "OAUTH",
"grantType": "CLIENT_CREDENTIALS",
"enabled": true,
"username": null
}
}
},
...
Upvotes: 4
Related Questions
- WSO2 Configuration (IS Application securing APIM endpoint)
- WSO2 API Management resource owner authentication
- wso2 api manager how to protect backend apis
- APIs are to be protected by wso2 Identity server
- How to protect REST API with wso2 IS?
- WSO2 APIM security - separation of the publisher access
- Authenticate for new APIM REST APIs?
- WSO2 APIM Authentication
- Securing Rest API in WSO2 ESB
- Wso2 API MANAGER WSDL security