I am about to configure the "WSO2 API Manager", but since I have been using Keycloak as SSO server in my old applications, I would like to know if it is possible to use keycloak SSO as authentication server for "WSO2 API Manager"?
Thanks in advance!
Asked
Active
Viewed 3,215 times
3
-
Hi gubak, did you manage to integrate both platforms? – codependent Nov 25 '18 at 09:34
2 Answers
2
Yes, its possible with a third-party Key Manager. See https://docs.wso2.com/display/AM200/Configuring+a+Third-Party+Key+Manager.
I have implemented this for OpenID Connect token support. I don't think there is an out-of-the-box solution yet.
The custom code to be written must handle two major situations:
- In API Store each created application must be linked to a Keycloak client. Therefore the application name and consumer key on API Store side must correspond to the clientId on Keycloak. The client secret from Keycloak must be retrieved to go into the corresponding consumer key in API Store.
- The key validation in the API Manager Key Manager module must be executed as token introspection request to Keycloak.
Boomer
- 3,360
- 20
- 28
0
You can configure SSO[1] for API Manager store and publisher with any SSO IDP. Also you can use third party keymanager[2]
[1]https://docs.wso2.com/display/AM200/Configuring+Single+Sign-on+with+SAML2
[2] https://docs.wso2.com/display/AM190/Configuring+a+Third-Party+Key+Manager
Jenananthan
- 1,381
- 2
- 10
- 20