The API Gateway has a default mediation flow, which you can extend by adding custom mediation sequences. You create a custom mediation sequence either manually or using WSO2 tooling support (i.e., WSO2 Developer Studio), and then engage it per API or globally to all APIs of a specific tenant.
Creating per-API extensions
The recommended way to engage a mediation extension sequence per API is to upload an XML file through the registry and then engage it using the API Publisher. The following tutorial shows how to do this: Change the Default Mediation Flow of API Requests.
Alternatively, you can name the mediation XML file in the pattern <API_NAME>:v<VERSION>--<DIRECTION>
and save it directly in the following location:
- In the single-tenant mode, save the XML file in the
<APIM_HOME>/repository/deployment/server/synapse-configs/default/sequences
directory. - In the multi-tenant mode, save the XML file in the tenant's synapse sequence folder. For example, if tenant id is 1, then save it in
<API_Gateway>/repository/tenants/1/synapse-configs/default/sequences
folder.
In the naming pattern, the <DIRECTION>
can be In
or Out
. When it is In
, the extension is triggered on the in-flow (request path) and when it is Out
, the extension is triggered on the out-flow (response path). To change the default fault sequence, you can either modify the default sequence or write a custom fault sequence and engage it to APIs through the API Publisher.
An example synapse configuration of a per-API extension sequence created for the API admin--TwitterSearch
version 1.0.0 is given below.
<sequence xmlns="http://ws.apache.org/ns/synapse" name="admin--TwitterSearch:v1.0.0--In"> <log level="custom"> <property name="TRACE" value="API Mediation Extension"/> </log> </sequence>
You can copy this content into an XML file (e.g., twittersearch_ext.xml
) and save it in the <API_Gateway>/repository/deployment/server/synapse-configs/default/sequences
directory.
The above sequence prints a log message on the console whenever the TwitterSearch
API is invoked.
Creating global extensions
You can also engage mediation extension sequences to all APIs of a specific tenant at once. To do that, simply create the XML with the naming pattern WSO2AM--Ext--<DIRECTION>
and save it in the <APIM_HOME>/repository/deployment/server/synapse-configs/default/sequences
directory.
An example synapse configuration of a global extension sequence is given below:
<sequence xmlns="http://ws.apache.org/ns/synapse" name="WSO2AM--Ext--In"> <property name="Authentication" expression="get-property('transport', 'Authentication')"/> <property name="Authorization" expression="get-property('Authentication')" scope="transport" type="STRING"/> <property name="Authentication" scope="transport" action="remove" /> </sequence>
This custom sequence assigns the value of your basic authentication to Authorization header.
You can copy this content into an XML file (e.g., global_ext.xml
) and save it in the <API_Gateway>/repository/deployment/server/synapse-configs/default/sequences
directory.
When you invoke your REST API via a REST Client, configure that client to have a custom header (Authentication) for your basic authentication credential and configure the ‘Authorization’ header to contain the bearer token for the API. When you send the Authentication and Authorization headers, the Gateway drops the Authorization header, converts the Authentication to Authorization headers and sends to the backend.