Enable ws-security for proxy service

Currently we have enabled ws-security in wso2 esb using policy file and role based authorization using Active Directory.

We would like to transition some of these services to wso2 api manager and implement the same security model.

How do we secure these APIs (that are facing web service client and not the backend web service) using ws-security on api manager?

Solution

To secure the APIs on API manager you can follow this guide. It provides various methods that can secure the APIs. Further if you need to implement role based authorization to the APIs in API manager you can refer to this tutorial.

Hope this helps.

How to get username of API caller in wso2 apim in Basic Authorization?
What exactly is the difference between "WSO2 API Manager" and "WSO2 Data Analytics Server" and "WSO2 Application Server"?
How to pass a value from inSequence to outSequence in WSO2 ESB?
Import Backend services description into WSO2 APIM
Is there a way to add username in API Log in WSO2 APIM?
Not able to setup WSO2 APIM Analytics
How to make gRPC request in WSO2 micro-integrator via Postman?
adding security headers in wso2am-4.0.0 (sts & csp & referer headers)
How to pass Authorization Header WSO2 (API Manager) to my backend service?
Prevent WSO2 AM of dropping authorization token from request
Does WSO2 APK(API Platform for Kubernetes) have Graphical User Interface such as DevPortal and Publisher and Admin , ....?
WSO2 Loop through Json array
ELK Stack Integration not working with WSO2 API Manager
Why "save" button is disabled in WSO2 APIM Publisher at Runtime tab.? In some APIs button is disabled
Azure API Management Wildcard operation returns 404
Web Socket API - does not work when adding a variable
wso2 custom class mediator database connection issue and external jar not picking
Configuring Keyclock 22.0.4 as a key manager in WSO2 APIM
WSO2 APIM 4.2.0 update to 4.3.0
"Could not add subscription" error when WSO2 API Manager starts
API Manager - Too many java threads
WSO2 API Manager (4.2.0) - How to build the latest version using the source?
Having issues with Gateway Access URLs(token issues) in wso2 API Manager 4.1.0
disable soap in wso2 api manager gateway https://IPaddr:9443/services
How to disable showing default Axis2 services (https://localhost:8243/services/Version?wsdl) in WSO2 API manager 3.2.0?
the token expires when I generate another token wso2 apim 4.0.0
base64 encoding of json payload in WSO2
Login page issue in WSO2 v4.2.0
WSO2 API Manager (wso2am-4.1.0) - How to set a management hostname different from the hostname?
How to handle Mina Exception Logs in WSO2 APIM Gateway