WSO2 API Manager 1.10 New REST API - How to obtain access token and invoke APIs


From API Manager 1.10 onwards we will provide complete REST API to do all store publisher operations. In this article we will dicuss how we can use it in secured manner.


Sample Request to registration API

URL: http://10.100.1.65:9763/client-registration/v1/register
HTTP Method: POST
Headers >
Content-Type: application/json
Basic Auth Headers


Body Payload:
{
"callbackUrl": "www.google.lk",
"clientName": "rest_api_store",
"tokenScope": "Production",
"owner": "admin",
"grantType": "password refresh_token",
"saasApp": true
}


Sample response

{
"callBackURL": "www.google.lk",
"jsonString": "{\"username\":\"admin\",\"redirect_uris\":\"www.google.lk\",\"tokenScope\":[Ljava.lang.String;@3a73796a,\"client_name\":\"admin_rest_api_store\",\"grant_types\":\"authorization_code password refresh_token iwa:ntlm urn:ietf:params:oauth:grant-type:saml2-bearer client_credentials implicit\"}",
"clientName": null,
"clientId": "HfEl1jJPdg5tbtrxhAwybN05QGoa",
"clientSecret": "l6c0aoLcWR3fwezHhc7XoGOht5Aa"
}


Then get token with scopes
API_PUBLISHER_SCOPE, publisher
API_SUBSCRIBER_SCOPE, "subscriber
API_CREATOR_SCOPE, creator
API_ADMINISTRATIVE_SCOPE, admin



curl -k -d "grant_type=password&username=admin&password=admin&scope=API_CREATOR_SCOPE" -H "Authorization: Basic Y1lIaGxnRU9UcmM5Q05LUGZVaDdaMDBQdUtzYTpzX1VjOVdRWURLdHNBd1lrSl9qcFc5bnVmdVVh" https://127.0.0.1:8243/token


Then invoke API with obtained token.

Empowering the Future of API Management: Unveiling the Journey of WSO2 API Platform for Kubernetes (APK) Project and the Anticipated Alpha Release

  Introduction In the ever-evolving realm of API management, our journey embarked on the APK project eight months ago, and now, with great a...