I recently got started with WSO2 API Manager. I managed to import an existing API which requires a bearer token to be included in the header as a way of authentication. I cannot seem to find a way to include the bearer token in the API Manager, and I am therefore getting a 401 Unauthorized error as a result. Can you help me resolve this, please? Thank you in advance.

I am still trying to send the bearer token using this.

See Here

Regarding the question I asked Lakshitha

Error Shown when adding the custom auth header

2 Answers

If you are asking how to consume an API, take a look at this and this documents.

curl -H "Authorization: Bearer <access-token>" -H "accept: application/json" "https://<server-IP>:<port>/pizzashack/1.0.0/menu" -k -v

If you want to pass the Bearer token to the backend, add the following config to <API-M_HOME>/repository/conf/deployment.toml.

[apim.oauth_config]
enable_outbound_auth_header = true

If you want to send a custom token, take a look at this.

ycr
  • Hi, thank you for the reply. I followed [Link](https://apim.docs.wso2.com/en/latest/design/api-policies/regular-gateway-policies/passing-a-custom-authorization-token-to-the-backend/) and added the custom policy Custom Authorization Token and deployed the API and published it. But when I try this out on the developer side it still gives a 401 Unauthorized error. I have attached the image in the See Here link on the question. Please look at it. – user21348790 Mar 08 '23 at 05:24

If you need this bearer token to authenticate the backend API, you have three options.

  1. Use OAuth2 secured endpoints. Here API Manager generates the backend request authorization header using the provided configurations such as token URL, client ID, secret and the grant type.
  2. Send the backend authorization header with the original request. In this approach, you will have two authorization headers if the API is exposed from API Manager. The first authorization header will be used to authenticate the request in the API Manager layer (if needed, you can disable security and omit this) and the second auth header is for the backend. In this scenario, since you cannot have two headers with the same header name Authorization, you need to change the API Manager validating header name to a different value (e.g. apim-auth-header). This way, your original request will have two headers: apim-auth-header: Bearer <Token> and Authorization: Bearer <Token>.
  3. Use a custom mediation sequence to generate the backend token and send it with the backend request. You can find multiple sample implementations such as this blog.

Edit:

Adding a new header via the tryout console can be achieved by editing the API definition of the API. You can edit the definition from the publisher console under the API configurations. You need to add a new header parameter to the path of your choice and this will add a new field in the tryout console of the devportal as below. When invoking, you can add the token from the UI and invoke.

Lakshitha
  • Thank you for your reply. I tried your solutions over the past few days, and the second option is the one that makes the most sense to me. But there is something that I still cannot understand. When you say I have to create two headers, I still have not found how to create two headers. Can you please explain this? I have attached some screenshots in the question section. Please check them also. – user21348790 Mar 13 '23 at 10:45
  • Also, when invoking the API from the API Developer Portal try-out section, how do we pass the second header (i.e. the custom header)? – user21348790 Mar 13 '23 at 10:50
  • I tried according to your edited solution. But when I enter the custom auth header it gives an error (I have attached a screenshot of the error in the question section). Also if I don't enter anything to that field it just gives the 401 unauthorized error as earlier. Looking forward to hearing from you. Thank you – user21348790 Mar 14 '23 at 06:17
  • To solve this issue I tried the solution shown in the link below but it did not work either. [link](https://github.com/wso2/product-apim/issues/9314) – user21348790 Mar 14 '23 at 06:19
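
The two-header arrangement from option 2 and the outbound-header setting from the first answer, as a small Python model added here (it is not WSO2 code and not from either answer). The token values, the function names, and the rule that the gateway drops its own credential header unless outbound forwarding is enabled are assumptions made for illustration.

```python
# Simplified model of gateway/backend header handling. Not WSO2 code.
# Tokens below are constructed sample values.
GATEWAY_TOKENS = {"gw-token-constructed"}        # accepted by the gateway
BACKEND_TOKENS = {"backend-token-constructed"}   # accepted by the backend


def bearer(headers, name):
    """Return the bearer token carried in header `name`, or None.
    Header names are compared case-insensitively, as in HTTP."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            scheme, _, token = value.partition(" ")
            if scheme.lower() == "bearer" and token.strip():
                return token.strip()
    return None


def backend(headers):
    """Backend API: expects its own bearer token in Authorization."""
    return 200 if bearer(headers, "Authorization") in BACKEND_TOKENS else 401


def gateway(headers, auth_header="Authorization", outbound_auth_header=False):
    """Validate the gateway credential, then forward to the backend.
    Returns (status, layer that produced the status)."""
    if bearer(headers, auth_header) not in GATEWAY_TOKENS:
        return 401, "gateway"
    forwarded = dict(headers)
    if not outbound_auth_header:
        # Assumed rule: the gateway's own credential is not sent upstream.
        forwarded = {k: v for k, v in headers.items()
                     if k.lower() != auth_header.lower()}
    return backend(forwarded), "backend"


one_header = {"Authorization": "Bearer gw-token-constructed"}
two_headers = {"apim-auth-header": "Bearer gw-token-constructed",
               "Authorization": "Bearer backend-token-constructed"}

if __name__ == "__main__":
    print(gateway(one_header))                                   # backend 401
    print(gateway(one_header, outbound_auth_header=True))        # backend 401
    print(gateway(two_headers, auth_header="apim-auth-header"))  # backend 200
    print(gateway(two_headers))                                  # gateway 401
```

The layer in the result shows which side rejected the request, which is the first thing to establish when a 401 comes back through a gateway.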