This documentation is for WSO2 Enterprise Service Bus version 4.7.0 . View documentation for the latest release.

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


When a client tries to invoke a RESTful service, it may be required to verify the credentials of the client. This can be achieved by registering an OAuth application in the WSO2 Identity Server. When the client sends a REST call with the Authorization header to the ESB, the OAuth mediator validates it with the Identity server and proceeds.

See 2-legged OAuth for Securing a RESTful Service for detailed instructions to carry out this process.