WSO2 API Manager- Customizing Store User Sign-Up

WSO2 API Manager allows on boarding new users to the API store through a Sign-up page. The default sign-up page has set of mandatory and optional fields for user to provide details. However, there can be cases where one needs to customize the available fields by modifying available ones or/and adding new fields.

This can be easily achieved in WSO2 API manager since the fields are loaded dynamically from the user claim attributes. So this post explains how we can customize the default Sign-up page.

By default API Store Sign-up looks as below. Note that this blog posts shows how to do this in APIM 2.1.0.

Let's say you want to add a new field called 'City' to Store Sign-up page. This post provides step by step instructions on how to achieve this.

1. Start API Manager 2.1.0 and go to Management Console (https://localhost:9443/carbon/)

2. Go to Claims -> Add -> Add Local Claim

3. Enter the below values for the new claim.

Claim URI :
Display Na…

Customizing Lifecycle states in WSO2 API Manager

WSO2 API Manageris a 100% open source API Management solution inluding support for API publishing, lifecycle management, developer portal, access control and analytics. APIs have their own life cycle which can be managed through WSO2 API Publisher while enabling many essential features for API Management, such as,

Create new APIs from existing versionsDeploy multiple versions in parallelDeprecate versions to remove them from storeRetire them to un-deploy from gatewayKeeps audit of lifecycle changesSupports customizing lifecycles 
The ability to customize API life cycle provides a greater flexibility to achieve various requirements. There are few extension points available for customizing the API Lifecycle. Find more details about those from the product documentation [1].  Adding new lifecycle stateChanging the state transition eventsChanging the state transition execution (In each state transition, we can configure an execution logic to be run)
In this blog post, I will explain how we …

Encrypting passwords in WSO2 APIM 2.0.0

WSO2 products support encrypting passwords which are in configuration files using secure vault.
You can find the detailed documentation form here of how to apply secure vault to WSO2 products.

This post will provide you the required instructions to apply secure vault to WSO2 APIM 2.0.0.

1. Using the automatic approach to encrypt the passwords given in XML configuration files.
Most of the passwords in WSO2 APIM 2.0.0 are in XML configuration files. Therefore you can follow the instructions given in here to encrypt them.

2. Encrypting passwords in file and files.
As did in above section, the passwords in XML configurations can be referred in file via Xpaths. Therefore cipher-tool can automatically replace the plain text passwords in XML configuration files.

However, passwords in files such as file and filee need to be manually encrypted.
Encrypting passwords in file. Since passwords …

Dynamic Endpoints in WSO2 API Manager

From WSO2 APIM 1.10.0, we have introduced new feature to define dynamic endpoints through synapse default endpoints support. In this blog article, I am going to show how we can create an API with dynamic endpoints in APIM.

Assume that you have a scenario where depending on the request payload, the backend URL of the API differs. For instance, if the value of "operation" element in the payload is "menu", you have to route the request to endpoint1 and else you need to route the request to endpoint2.

{ "srvNum": "XXXX", "operation": "menu" } In APIM, dynamic endpoints are achieved through mediation extension sequences. For more information about mediation extensions refer this documentation.

For dynamic endpoints we have to set the "To" header with the endpoint address through a mediation In-flow sequence. So let's first create the sequence which sets the "To" header based on the payload. Create a fil…

How to invoke APIs in SOAP style in Swagger

WSO2 API Manager has integrated Swagger to allow API consumers to explore APIs through a interactive console which is known as 'API Console'

This swagger based API Console supports invoking APIs i REST style out of the box. So this post going to show how we can invoke APIs in SOAP style in API console of WSO2 API Manager 1.7.0. For that we need to do few extra configurations.

1. Send SOAPAction and Content-Type header in the request
2. Enable sending SOAPAction header in the CORS configuration

First create an API for a SOAP Service. In this example I am using HelloService sample SOAP service of WSO2 Application Server. This HelloService has a operation named greet which accepts a payload as below.

1. Create API

Figure-1 : Design API 

Figure-2 : Implement API by giving SOAP endpoint

Figure-3 :Save and Publish API

2. Update Swagger API Definition
Now we have to edit the default Swagger content and add SOAPAction and Content-Type header. For that go to 'Docs' tab and…

Multi Tenant API Management with WSO2 API Manager - Part 2

In the previous post we discussed what is multi-tenancy, multi-tenancy in API Development and multi-tenancy in API Store(Consumption). In this post we will be discussing how subscriptions can be managed among multiple tenants, how APIs an be published into different tenant domains, multi-tenancy in API Gateway, multi-tenancy in Key Manager and also multi-tenancy in API Statistics. 
Manage subscriptions among multiple tenants
In the previous post we discussed how different tenants can develop and consume APIs in isolated views of API Publisher and API Store.This section describes how API creators can control who can subscribe to an API. In the Add API page, under Subscriptions you can select the Subscriptions Category.
There are 3 subscription categories.
Available to current Tenant Only
The API will be allowed to subscribe for users in current tenant domain only(tenant domain of API Creator).
Available to All the Tenants
The API will be allowed to subscribe for all the tenants in the deplo…

Multi Tenant API Management with WSO2 API Manager - Part 1

WSO2 API Manager provides a complete solution for API Management. With Multi-tenancy in WSO2 API Manager, organizations can collaborate and monetize their APIs across multiple entities such as departments, partners or simply between separate development groups. 
Why Multi-Tenancy

The goal of Multi Tenancy is, maximizing resource sharing among multiple tenants while providing an isolated view for each tenant.

One of the main benefits of multi-tenancy is the ability to use a single deployment for multiple tenants which lowers the cost and provides better administration. Further this is ideal for  multi departmental and multi-partner type of business settings.

Multi-Tenancy in API Development
WSO2 API Manager provides a simplified Web interface called WSO2 API Publisher for API Design, Implementation and Management. It is a structured GUI designed for API creators to design, implement, manage, document, scale and version APIs, while also facilitating more API management-related ta…