Monday, November 16, 2015

WSO2 API Manager 1.10 New REST API - How to obtain access token and invoke APIs


From API Manager 1.10 onwards we will provide complete REST API to do all store publisher operations. In this article we will dicuss how we can use it in secured manner.


Sample Request to registration API

URL: http://10.100.1.65:9763/client-registration/v1/register
HTTP Method: POST
Headers >
Content-Type: application/json
Basic Auth Headers


Body Payload:
{
"callbackUrl": "www.google.lk",
"clientName": "rest_api_store",
"tokenScope": "Production",
"owner": "admin",
"grantType": "password refresh_token",
"saasApp": true
}


Sample response

{
"callBackURL": "www.google.lk",
"jsonString": "{\"username\":\"admin\",\"redirect_uris\":\"www.google.lk\",\"tokenScope\":[Ljava.lang.String;@3a73796a,\"client_name\":\"admin_rest_api_store\",\"grant_types\":\"authorization_code password refresh_token iwa:ntlm urn:ietf:params:oauth:grant-type:saml2-bearer client_credentials implicit\"}",
"clientName": null,
"clientId": "HfEl1jJPdg5tbtrxhAwybN05QGoa",
"clientSecret": "l6c0aoLcWR3fwezHhc7XoGOht5Aa"
}


Then get token with scopes
API_PUBLISHER_SCOPE, publisher
API_SUBSCRIBER_SCOPE, "subscriber
API_CREATOR_SCOPE, creator
API_ADMINISTRATIVE_SCOPE, admin



curl -k -d "grant_type=password&username=admin&password=admin&scope=API_CREATOR_SCOPE" -H "Authorization: Basic Y1lIaGxnRU9UcmM5Q05LUGZVaDdaMDBQdUtzYTpzX1VjOVdRWURLdHNBd1lrSl9qcFc5bnVmdVVh" https://127.0.0.1:8243/token


Then invoke API with obtained token.

No comments:

Post a Comment