This documentation is for WSO2 API Manager 2.0.0. View documentation for the latest release.

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


  1. In the <APIM_HOME>/repository/conf/api-manager.xml file, set the <EncryptPersistedTokens> property to true.
  2. In the <APIM_HOME>/repository/conf/identity/identity.xml file, change the <TokenPersistenceProcessor> property to org.wso2.carbon.identity.oauth.tokenprocessor.EncryptionDecryptionPersistenceProcessor.
  3. Restart the server(s) after the above configuration changes are performed.
  • If you use a distributed API Manager setup, the changes must be made on both the API Store and Key Manager nodes.
  • If you use WSO2 Identity Server (WSO2 IS) as the Key Manager setup, you need to make changes in both WSO2 IS and WSO2 API Manager.