1. 技术文章
  2. wso2 API-M 3.0 - how to get oauth token for product/admin api calls

wso2 API-M 3.0 - how to get oauth token for product/admin api calls

狂风中的少年 提交于 2019-12-11 14:12:44

问题


I am testing out the pre-release version 3.0 of wso2 API-M with the generic admin/admin credentials and want to invoke the various publisher apis at http://wso2.github.io/carbon-apimgt/apis/publisher/v1.0/ - e.g. creating a new api.

All of these apis take oauth access tokens, however in their documentation I only see the oauth2 scope for them noted, but I don't see how to generate the access token to pass in the api request.
It is clear how to generate oauth tokens for apis and apps already created in wso2 store/publisher, but I have not been able to find how to generate the oauth token for the higher-level product apis at https://docs.wso2.com/display/AM300/Product+APIs.

I know earlier versions of wso2 had the "carbon" endpoint with the admin and identity server UI which maybe helped with this, but this new version doesn't have that endpoint and the "admin" endpoint I stumbled across doesn't yield anything related to oauth tokens. Any ideas how to get the oauth credentials to invoke these apis? Thanks.


回答1:


You need to do the following.

  1. Using DCR endpoint, create an oauth app and generate client key and secret.

    curl -X POST -H "Content-Type: application/json" -H "Authorization: Basic YWRtaW46YWRtaW4=" --data @payload.json https://localhost:9443/api/identity/oauth2/dcr/v1.0/register -kv

payload.json content

{
  "redirect_uris": [
    "http://localhost"
  ],
  "client_name": "name_1",
  "grant_types": [
    "password"
  ]
}

Authorization token is Base64 encoded(username:password)

  1. Get an access token using password grant type

    curl -X POST -H "Authorization: Basic MTNiYmM1ODAtYjkwYy00ZDg0LWE5NjItYjg4NTg2Yzk1MmEyOjYxZGE1M2YwLTkxN2MtNDhmNi1hYWEzLWVmMDU3NjEzMDdiMw==" -H "Content-Type: application/x-www-form-urlencoded" -d 'username=admin&password=admin' "https://localhost:9443/api/auth/oauth2/v1.0/token?grant_type=password&scope=scope" -kv

Authorization token is Base64 encoded(clientId:clientSecret)

  1. Invoke an API with the received token

    curl -X GET -H "Authorization: Bearer 9uAXi-J5GywvdTupCjbg005-NdqDSfD397vI_UKcbaw" "https://localhost:9443/api/am/publisher/v1.0/apis/" -kv

Refer the following for more details

  1. https://docs.wso2.com/display/AM300/DCR+and+DCRM+APIs
  2. https://docs.wso2.com/display/AM300/Token+API


来源:https://stackoverflow.com/questions/49289106/wso2-api-m-3-0-how-to-get-oauth-token-for-product-admin-api-calls

标签
oauth
wso2
wso2-am
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!