This documentation is for WSO2 API Manager 2.1.0.
Page Comparison - Extending Scope Validation (v.5 vs v.6) - API Manager 2.1.0 - WSO2 Documentation

...

  1. Start the API Manager server and log into the API Store.
  2. Create an application. On the Production Keys tab of your application, click Generate Keys.
  3. Obtain the Base64 encoded representation of the Consumer Key and the Consumer Secret separated by a colon according to the following format.

    Base64(consumer-key:consumer-secret)

    Tip: You can also use the curl request listed under the Generate Access Tokens section for steps 3 and 4, based on the grant type.

  4. Use the Base64 encoded value obtained above in the Authorization header when invoking the following command. This is used to get the token by calling the token API.

    Tip: Make sure you include a random scope in the request. It can be any value that is suitable as a scope name.

    curl -k -d "grant_type=password&username=admin&password=admin&scope=some_random_scope" -H "Authorization: Basic WmRFUFBvZmZwYVFnR25ScG5iZldtcUtSS3IwYTpSaG5ocEVJYUVCMEN3T1FReWpiZTJwaDBzc1Vh" -H "Content-Type: application/x-www-form-urlencoded" https://10.100.0.3:8243/token

    Along with the token, you receive a response from the server similar to the one below.

    {"scope":"default","token_type":"bearer","expires_in":3600,"refresh_token":"23fac44e9b7e1ae95a33b85f4f26decd","access_token":"9474fa104ccb196303f41c8a5ee6f48"}

    You may not see the scope you requested in this response, as it has not been whitelisted yet.

  5. Shut down the server.

  6. To whitelist the scope, add the following under the <OAuthConfigurations> element in the <APIM_HOME>/repository/conf/api-manager.xml file and restart the server. 

    <ScopeWhitelist>
    	<Scope>^device_.*</Scope>
    	<Scope>some_random_scope</Scope>
    </ScopeWhitelist>

  7. Call the token API using the same request used in step 4. You will receive a response similar to the one below.

    {"scope":"some_random_scope","token_type":"bearer","expires_in":3600,"refresh_token":"59e6676db0addca46e68991e44f2b8b8","access_token":"48855d444db883171c347fa21ba77e8"}

    You see a successful response that contains the whitelisted scope you requested.
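
An added example (not part of the WSO2 documentation) that checks the procedure above offline: it reads the `<ScopeWhitelist>` from step 6 and compares the token responses from steps 4 and 7 against it. The function names are hypothetical, and treating each `<Scope>` entry as a regular expression that must match the whole scope name is an assumption about how the server applies the list.

```python
import json
import re
import xml.etree.ElementTree as ET

# Whitelist from step 6 (page content).
WHITELIST_XML = """<ScopeWhitelist>
    <Scope>^device_.*</Scope>
    <Scope>some_random_scope</Scope>
</ScopeWhitelist>"""

# Token responses shown on the page for step 4 (before) and step 7 (after).
RESPONSE_BEFORE = '{"scope":"default","token_type":"bearer","expires_in":3600,"refresh_token":"23fac44e9b7e1ae95a33b85f4f26decd","access_token":"9474fa104ccb196303f41c8a5ee6f48"}'
RESPONSE_AFTER = '{"scope":"some_random_scope","token_type":"bearer","expires_in":3600,"refresh_token":"59e6676db0addca46e68991e44f2b8b8","access_token":"48855d444db883171c347fa21ba77e8"}'

def load_patterns(xml_text):
    """Return the <Scope> entries of a <ScopeWhitelist> element."""
    root = ET.fromstring(xml_text)
    return [el.text.strip() for el in root.findall("Scope") if el.text]

def is_whitelisted(scope, patterns):
    # Assumption: each entry is a regex that must match the whole scope name.
    return any(re.fullmatch(p, scope) for p in patterns)

def granted_scopes(token_response):
    """Scopes the token endpoint put in the response (space separated)."""
    return set(json.loads(token_response).get("scope", "").split())

def check_grant(requested, token_response, patterns):
    """Compare what the whitelist predicts with what the response contains."""
    expected = is_whitelisted(requested, patterns)
    granted = requested in granted_scopes(token_response)
    return {"scope": requested, "whitelisted": expected,
            "granted": granted, "consistent": expected == granted}

if __name__ == "__main__":
    patterns = load_patterns(WHITELIST_XML)
    # Step 4: no whitelist configured yet. Step 7: whitelist in place.
    print(check_grant("some_random_scope", RESPONSE_BEFORE, []))
    print(check_grant("some_random_scope", RESPONSE_AFTER, patterns))
    # Constructed scope names: a regex entry covers a whole family of names.
    for name in ("device_read", "device_", "my_device_x", "somerandomscope"):
        print(name, is_whitelisted(name, patterns))
```

Because `^device_.*` is a pattern rather than a literal, reviewing the whitelist means reviewing every scope name each entry can match, not only the names listed.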