Invoking APIs using a Web App with OAuth2 and use of JWT - WSO2 API Manager
In this post I share my experience and understanding of using WSO2 API Manager (API-M) for a very common and useful scenario in the industry. In brief, the flow is as follows. An API is exposed to app developers under the control of API Manager (which adds access control for the API). App developers then build apps that consume those APIs. After development and testing are complete, they make the apps available to end users in the App store. End users can then register in the store and use the apps with their own credentials. The app provides the desired services by calling the APIs it has subscribed to.

The above scenario is well demonstrated in WSO2 API-M by the pizza shack example explained in the documentation at [1]. For clarity I will include the steps in brief. For detailed steps, refer to the documentation at [1].

API Developer Role

We deploy the back-end services related to 'pizza ordering' in WSO2 Application Server ...