Search code examples
wso2wso2-api-managerwso2-enterprise-integrator

creating an endpoint with JWT token authoriztion in wso2 integration studio

I have an endpoint which requires an authorization token to be added the header in order to authorize the request. I am creating the same endpoint in wso2 integration studio. But I am stuck on how to pass the authorization token to the header. I have found some auth configurations in the endpoint but I am at a loss of understanding those properties.

see here

Where do I need to pass the bearer token in these properties. Thank you.

Solution

  • According to the OAuth spec, you can generate a JWT token by using one of the following grant types(listed only those supported by MI),

    • Refresh Token grant type
    • Client Credentials grant type
    • Password grant type

    Depending on the grant type, you will need to define the required parameters to generate the token. Once the token is generated, it will be set to the Authorization header as a Bearer token by the call mediator(You don't need to manually set it). For example, if you are OAuth server support Client Credentials grant type, you can use a config as below to generate a token and pass it to the backend endpoint

    <endpoint name="FoodEP" xmlns="http://ws.apache.org/ns/synapse">
    <http method="get" uri-template="http://localhost:9192/service/foodservice">
        <authentication>
            <oauth>
                <clientCredentials>
                    <clientId>K2RbnGP7VS</clientId>
                    <clientSecret>9zLrZAYR5b</clientSecret>
                    <tokenUrl>http://localhost:8678/token</tokenUrl>
                </clientCredentials>
            </oauth>
        </authentication>
    </http>
</endpoint>

    If you need to send additional parameters to generate a token, you can also set them as requestParameters to the above config. Refer to the below linked documentations for more information.

    If you are using a non-expiry token or fetching the token from somewhere else, you can use the header mediator to set the token. You need to define the following before the call mediator.

    <header name="Authorization" value="Bearer MfGb9pnTEGVWmDyjlfSZjlxhc8pFtef"/>

    For more info,

    https://ei.docs.wso2.com/en/latest/micro-integrator/references/mediators/header-Mediator/

    https://apim.docs.wso2.com/en/latest/reference/synapse-properties/endpoint-properties/#oauth-properties