Search code examples
apiwso2tokenwso2-api-manager

How to pass Authorization Token to my backend service through WSO2 (API Manager) version 4.1.0?

I need to pass Authorization Token from API Manager (WSO2) to my Backend using policies like Header policy but it works for me only using cURL but not with UI.

curl -k -X 'GET'
'https://localhost:8243/test/1.0.0/support/get/55'
-H 'accept: /'
-H 'Authorization: Bearer gatewayToken
-H 'Authorization: Bearer BackendToken'

Screenshot of the result after adding Header policy

Solution

  • By default the authorization header is dropped from the API gateway after validating the request. So you can't send the same header here with multiple values. If you want to send a custom header in the UI, you can do this as follows.

    1. In the API publisher click on the API and go to the API configuration section.
    2. Click on the resource tab and select a HTTP method.
    3. Under parameters, you can add a header. Then from the Swagger UI, you can set this header when trying out the request.

    enter image description here

    Using API policies in API Manager 4.1.0, you can add AddHeader policy and send any static headers to the backend services.