All docs This doc

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


In most of the real-world use cases of REST, when a consumer attempts to access a privileged resource, credentials must be provided in an Authorization header or the consumer will be refused access. In WSO2 ESB, when we want to secure an API, we can simply make it available via HTTPS and let the security handlers validate the credentials. By default, the ESB does not include any REST Security Handlers, but the following example of a primitive security handler serves as a template that can use be used to write your own security handler to secure an API in the ESB.