Search code examples
wso2access-tokenwso2-api-managerbearer-tokenwso2-enterprise-integrator

Call API without manually generate token

I'm using WSO2 to create API (Bearer token). Then I want to configure it to auto-generate token (Basic Auth) and use response as access-token. How can I get that? Thank you so much!

Solution

  • In WSO2 APIM, you can protect your API resources with different mechanisms (OAuth2, API Key, Basic Authentication) or you can disable the security.

    1. Disable API resource security

    If you don't want any securities to your API you can disable them in the publisher portal --> Select the API --> Resources --> Expand the resource --> Disable the Security button --> Save

    enter image description here

    2. Secure API with Basic Authentication

    If you want to secure your API resources with username and password (Basic Authentication) you can enable it by navigating to the publisher portal --> Select the API --> Runtime Configurations --> Application Level Security --> Select Basic --> Save enter image description here

    In the developer portal, you can invoke the API resources with the username and password. The sample curl command is provided below.

    curl -X GET "https://localhost:8243/pizzashack/1.0.0/menu" -H "accept: application/json" -H "Authorization: Basic YWRtaW46YWRtaW4="

    Please note that the above solution is given for APIM-3.2.0. For more details on securing the APIs using Basic Authentication please refer https://apim.docs.wso2.com/en/latest/design/api-security/api-authentication/secure-apis-using-basic-authentication/