This documentation is for WSO2 API Manager 1.10.0 View documentation for the latest release.
Page Comparison - Configuring Caching (v.6 vs v.7) - API Manager 1.10.0 - WSO2 Documentation

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


In a typical API Manager deployment, the Gateway is deployed in a DMZ while the Key Manager is in MZ. By default, caching is enabled at the Gateway. If you do not like to cache token related information in a leniently secured zone, you can do that on the Key Manager side. In this method, for each and every API call that hits the API Gateway, the Gateway issues a Web service call to the Key Manager server. If the cache entry is available in the Key Manager server, it is returned to the Gateway. Else, the database will be checked for the validity of the token.

This method has Storing the cache in the Key Manager causes low performance compared to storing it in the earlier oneGateway, but you do not have to store any security-related information at the Gateway side. Using this cache combined with the Gateway cache is not recommended. it is more secure. If you enable the key cache in a clustered environment, you should have only one Gateway per Key Manager, whereas you can have two Gateways per Key Manager when the Gateway cache is enabled instead. Note that we do not recommend using both caches combined.   

  • Disable caching at the API Gateway by adding the following entry under the <APIGateway> element in the <APIM_HOME>/repository/conf/api-manager.xml file.

    Code Block
  • Enable the Key Manager cache by adding the following entry under the <APIKeyValidator> element in the api-manager.xml file.

    Code Block