How to choose between the sandbox and production endpoints when having an unsecured API
I have an unsecured API where Oauth2 is disabled:
With secured APIs, you generate an access token using the sandbox/production credentials, so WSO2 knows to which backend endpoint it should send the request.
However with open APIs that approach doesn't apply (obviously) since there isn't an access token involved.
All calls to this API are sent to the sandbox backend. Is there a way to invoke different backends (sandbox / production)
You can use dynamic endpoints for such use cases. Here the endpoint is selected based on a property. it can be either an environment variable, a request header, or a property passed in the request body. If you are using APIM 4.1.0, instead of mediation section as mentioned in the doc, use policies[1]. Doc is not updated for APIM 4.1.0.
[1] - https://apim.docs.wso2.com/en/3.2.0/learn/api-gateway/message-mediation/adding-dynamic-endpoints/
[2] - https://apim.docs.wso2.com/en/latest/design/api-policies/overview/