This documentation is for WSO2 API Manager 1.9.0. View documentation for the latest release.

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


  1. Sign in to the WSO2 APIM Management Console (https://<Server Host>:9443/carbon) and click Add under Service Providers.

  2. Give a name for the service provider and click Register.
  3. Click Configure under Inbound Authentication Configuration > OAuth/OpenId Connect Configuration to add a new OAuth client.
  4. Provide a callback URL.
    If you do not have a callback URL, you can uncheck the Code and Implicit authorization grant types checkboxes and add the OAuth client.
    As you have now created the OAuth client, the OAuth client key and OAuth client secret appears.
  5. Enable the option to provide out-of-band keys by opening the <APIM_HOME>/repository/deployment/server/jaggeryapps/store/site/conf/site.json file and changing the "mapExistingAuthApps" setting to true.

    Code Block
    "mapExistingAuthApps" : true
  6. Sign in to the WSO2 API Store.
    https://<Server Host>:9443/store
    In the My Subscriptions page, notice that you now see a Provide Keys button for your application.
  7. Click Provide Keys, paste the consumer key and consumer secret pair, which you received in step 4, and click Save.

    If you receive an error when you click Save, use the OAuth Admin Service to provision the out-of-band OAuth client. 

    You have successfully provisioned an out-of-band OAuth client.