WSO2 API Manager 4.1.0 - JSON2XML policy not working - wso2

There is Hello World API is onboarded into WSO2 APIm 4.1.0 GA release. I added JSONtoXML policy from policy List to Response flow by follows steps provided in WSO2 APIM Doc and deployed in DEV portal by clicking save and deploy option
JsonToXML.j2 - Policy file Content:
<property name="messageType" value="application/xml" scope="axis2"/>
Policy in publisher:
When I Try out this API in DEV portal or via postman, it is still giving response as JSON format, not in XML
WSO2 DEV Portal - TRY IT OUT:
POSTMAN:
As suggested below - API Gateway Sequence Hit:
CURL Request like below:
curl -k "https://127.0.0.1:9443/api/am/gateway/v2/sequence?apiName=HelloWorld&version=1.0.0" -H "Authorization: Bearer eyJ4NXQiOiJOMkpqTWpOaU0xxx"
Note: valid token is passed in above curl Request, same token used when calling apim url which gives backend response
Did I miss anything or if not why this policy enablement is not working in WSO2 APIM? Please clarify on the same

I just followed the same flow to the Pizzashack API in the APIM 4.1.0 GA pack. It worked as expected without any issue.
Can you confirm that you have created a new revision after this policy addition and deployed it in the gateway?
If you have done that as well, shall we use the gateway Rest API and check the sequences for the HelloAPI. There should be a new sequence with the above policy attached.
Edit:
If the sequence call does not contain a response, that means the policy has not been deployed properly. To apply the policy properly, create a new revision and deploy that revision in the gateway.

As suggested by #Lakshitha, i followed below STEPS and working as expected.
Restarted WSO2 APIm standalone server
Added policy in GET resourse of HelloWorld API
Deployed as new Revision
In DEV Portal, API tested via TRY OUT option and got XML response now
Gateway API also given sequence response like BELOW

Related

Is the support for apim.jwt_authenitcation.subscription_validation_via_km removed in WSO2 APIM 3.2.0?

I am trying to follow https://medium.com/#shagihan/configure-auth0-as-external-oauth-provider-for-wso2-apim-3-1-0-4368aa2448e3 with APIM 3.2.0 and just noticed that the above config has no effect on APIM 3.2.0. Even if I set apim.jwt_authenitcation.subscription_validation_via_km to false I am still getting a subscription validation error as below,
{"fault":{"code":900908,"message":"Resource forbidden ","description":"User is NOT authorized to access the Resource. API Subscription validation failed."}}
So just wanted to confirm whether this has been removed from APIM 3.2.0. Thanks in advance!
Yes, this property is now removed from APIM v3.2.0.
In APIM v3.2.0, we support Auth0 by default and using the admin portal you can configure the Auth0 as the key manager.Please check https://apim.docs.wso2.com/en/latest/administer/key-managers/configure-auth0-connector/#configure-auth0-as-a-key-manager
In APIM v3.2.0 API subscription validation has become mandatory. API subscription details will come to the API gateway via the traffic manager. By going forward, JWT tokens will not contain any API subscription details or any WSO2 specific information.

WSO2 Api Manager - Sandbox/Production keys

Using WSO2 Api-M On-Prem v3.1.0.
I have set up an API in Publisher with different endpoints for Production and Sandbox.
Using API Key as Application Level Security.
Enabled Security for my GET resource.
In DevPortal I created an Application and set up an subscription for my API.
Generated Sandbox API Key and used "Try Out" in DevPortal.
I can select Key Type "Production" and enter my Sandbox Key, I get OK response from Production endpoint.
Try-Out screenshot
If I change Key Type to Sandbox, I still get response from Production endpoint.
I see in http_access_.YYYY-MM-DD log that both requests are sent to my production endpoint.
Why isn't my request sent to Sandbox when I use Sandbox API-Key as described in documentation:
https://apim.docs.wso2.com/en/3.0.0/learn/api-gateway/maintaining-separate-production-and-sandbox-gateways/
I reproduced this issue in API Manager version 3.1.0. This is a bug and needs to be fixed. I have created a GitHub issue for this. Please check [1].
As a workaround for your scenario, please enable OAuth2 Application level security as well under the Runtime Configurations of your API in Publisher. So both OAuth2 and API Key needs to be selected.
[1] https://github.com/wso2/product-apim/issues/8483

How to create policy for wso2 identity server Entitlement

I have using Wso2 indendity server 5.7.
i have seen some document for wso2.
link:
https://docs.wso2.com/display/IS570/Entitlement+with+APIs#EntitlementwithAPIs-addPolicy()
my problem how to use this things in postman.
i have seen some document in rest api but in rest api documentation create policy rest api not available.
Rest Api Document:
https://docs.wso2.com/display/IS570/Entitlement+with+REST+APIs
The API documentation you pointed was the SOAP APIs. There is no rest API for creating XACML policy in WSO2 IS. If your requirement is to use postman to publish the policies, you can refer to this. It explains how to send the SOAP request from postman

How to test calls to an Amazon API gateway using Cognito Auth

I've got some lambdas behind Amazon's API Gateway, which is configured to restrict access to Cognito authenticated users. All works fine for users coming via a UI.
I'd like to test those APIs separately to the UI, using Postman ideally or failing that perhaps curl.
How can I send a Cognito-authenticated request via Postman, curl or similar, to the API Gateway?
Try using Insomnia as a Rest client: https://insomnia.rest/
I see it has a tab for AWS auth settings.
just have a look at the following post, i think it'd be helpful for you.
How setup header in Postman for Api Gateway authenticated with Cognito?

WSO2 API Cloud Issue

I hope you can help me with WSO2 API Cloud.
I have a sample app that adds two float numbers in WSO2 app cloud. Below are the details:
Endpoint: http://jab7180-sample-calc.wso2apps.com/client/calculate/add/10/20
Output:
30.0
My problem is I'm having problem calling my API after publishing to WSO2 API Cloud. The response body is no content, response code is 0, and response header is no response from server.
This is how I published my API in WSO2 API Cloud using the endpoint above:
Name: calculator
Context: /compute
version: 1.0.0
visibility: public
URL pattern: client/calculate/add/{x}/{y} where verb is GET.
Production Endpoint: http://jab7180-sample-calc.wso2apps.com
Subscription tiers: Unlimited
We found the issue. There is a problem with defining URI params with single-character parameters. As a workaround, please define your resource with different parameters.
Ex: /client/calculate/add/{xx}/{yy}
Also, you have to set the "Produces" attribute for the resource as "application/xml" since the default value is "application/json" and is not supported by your backend.
Please refer the screenshot below and define your API resource, and republish the API.
From https://docs.wso2.com/display/APICloud/Subscribe+to+and+Invoke+an+API
If you cannot invoke the API's HTTPS endpoint (causes the
SSLPeerUnverified exception), it could be because the security
certificate issued by the server is not trusted by your browser. To
resolve this issue, access the HTTPS endpoint directly from your
browser and accept the security certificate.