Open the CORS configuration in the
<APIM_HOME>/repository/conf/api-manager.xml file, enable CORS if it is not enabled already and specify the additional headers (
SOAPAction, in this case) under the
This configuration is only valid for APIs created through the API manager Publisher application. All the other Oauth token related APIs (/authorize, /revoke, /token, /userinfo) are not affected from this. To enable CORS configuration to these APIs as well, see Enabling CORS for Oauth Token related APIs.
Next, let's see how to add the header as a parameter to the API Console.
- Log in to the API Publisher and click the API that you want to invoke (e.g.,
Click the Edit link next to the API's name, navigate down to the API Definition section and click on the
POSTmethod to expand it.
Update the Produces and Consumes fields to
text/xmland create the following header using the Add Parameter button.
Parameter name Values SOAPAction Description: Set to
Parameter Type: Header
Data Type: String
Once you are done, click Save.
- Log in to the API Store, subscribe to the API and generate an access token for the application you subscribed with.
If it's an API that you are already subscribed to, you might have to re-generate the access token from the Applications page.
- Click on the API again to open it and then click its API Console tab.
Expand the POST method, fill the parameter values and invoke the API. For example,
Parameter Value Body
This is the example SOAP request that we copied from the SOAP UI of the previous tutorial:
Parameter Content Type text/xml SOAPAction
Note the result that appears on the console. As you gave an invalid phone number here, the result is invalid.
You have added SOAP parameters to the API Console and invoked a SOAP service using the API Console.
Enabling CORS for Oauth Token related APIs
Enabling CORS configuration through
api-manager.xml is only valid for APIs created through the API manager Publisher application. Hence enabling CORS for Oauth token related APIs (/authorize, /revoke, /token, /userinfo) can be carried out as follows.
Based on the API that you need to enable CORS, add the following handler configuration to the relevant API synapse file present in
<APIM_HOME>/repository/deployment/server/synapse-configs/default/api/ folder. It should be added within the
<handlers> parent element.
The following are the mappings of the synapse files corresponding to the Oauth token related APIs.