Posts

Showing posts with the label JWT

WSO2 Identity Server - Extension Points - Part 2 - OAuth

OAuth2 is widely used in the enterprise today for authorization aspects of APIs. This is the second post on the extension points available in WSO2 Identity Server, after WSO2 Identity Server - Extension Points - Part 1 - SAML. All implementations using the following extension points need to be configured in the <IS_HOME>/repository/conf/identity/identity.xml file under the element OAuth.

1. Custom OAuth grant handler
Usage: When we need to support an OAuth flow that is different from the standard grant types. Validates the grant, scopes, and access delegation.
Sample: https://docs.wso2.com/display/IS510/Writing+a+Custom+OAuth+2.0+Grant+Type
Interface: org.wso2.carbon.identity.oauth2.token.handlers.grant.AuthorizationGrantHandler

2. Client Auth Handler
Usage: When the client credential authentication needs to be customized. By default we validate the client id and secret.
Interface: org.wso2.carbon.identity.oauth2.token.handlers.clientauth.ClientAuthenticationHan...

Invoking APIs using a Web App with OAuth2 and use of JWT - WSO2 API Manager

In this post I am going to share my experience and understanding of using WSO2 API Manager (API-M) for a very common and useful scenario in the industry.

In brief, the flow is as follows. An API is exposed for app developers to use under the control of API Manager (which adds access control for the API). App developers then build their apps consuming those APIs. After development and testing are completed, they make the apps available to end users at the App store. The end users can then register in the store and use the apps with their own credentials. The app provides the desired services by calling the APIs it has subscribed to.

The above scenario is well demonstrated in WSO2 API-M with the pizza shack example explained in the documentation at [1]. For clarity I will include the steps in brief. For detailed steps, refer to the documentation at [1].

API Developer Role

We deploy the back-end services related to 'pizza ordering' in WSO2-Application server ...