Does the WSO2 provide endpoints like Schemas and ServiceProviderConfigs
https://localhost:9443/wso2/scim/Schemas
https://localhost:9443/wso2/scim/ServiceProviderConfigs
WSO2 exposes SCIM endpoints in its Identity Server.
However, if you look into the service definition (and WSO2's documentation), you will find that only two services are defined: Users and Groups
You can still go to Carbon and add Service Probider and Schemas in there, just not through SCIM's REST API.
Related
we want to use Wso2 api manager and wso2 esb both but we want to use single analytics for both of them and we want both of these products to use the same identity server can it be done i just want to know that.
we want to use Wso2 api manager and wso2 esb both but we want to use single analytics for both of them
You can configure wso2sp as analytics for both wso2am and wso2ei (esb)
https://docs.wso2.com/m/mobile.action#page/97567378
we want both of these products to use the same identity server
can it be done i just want to know that.
Yes, it can be done. You can use wso2is as a key manager for wso2am or as an external IdP.
I have all wso2 products, but I don't understand how I can use Governance Registry in conjunction with rest webservices.
For example: I published a Rest Webservice in Governance, and now I want to use the service discovery to get the endpoint for this Webservice.
It's possible to do this with wso2 products?
Thanks
With WSO2 Governance Registry, you can discover endpoint details in three different ways: As example, if you are using WSO2 ESB(integration scenarios for Governance)
Share Registry space with both ESB and G-Reg
Use G-Reg to push artifacts into ESB node
ESB pull artifact from the G-Reg
Since you have already created a Rest Service in the G-Reg side, you can retrieve Endpoint details using Governance Rest API. It has an inbuilt functionality to retrieve Endpoint associated with a given RestService instance. You can find more details from this doc.
Can someone please clarify when to use API Manager and when to use Identity Server. I see that API Manager comes with Key Manager. Isn't that sufficient. I am really confused. Any help would be helpful.
Many thanks....
I hope this explaination will help you out,
WSO2 Identity Server
WSO2 Identity Server is a fully fledged Identity Management Solution which supports Authentication, Authorization, Single Sign-On and Identity Federation to name a few capabilities. WSO2 Identity Server supports almost all major identity protocols such as SAML, OAuth2, OpenID Connect etc.Take a look at this page to get an idea about the capabilities of WSO2 Identity Server.
WSO2 API Manager
WSO2 API Manager, on the other hand, focuses on managing your APIs. Managing life cycle of your APIs, Authorization, Throttling, applying policies on API consumers are some of the functionalities handled by API manager. API manager has several components such as publisher, store, gateway, key manager, traffic manager that clearly separates different aspects of API Management.
So the Key manager component is responsible for managing OAuth applications, generate, validate and revoke OAuth2 Tokens. API has an inbuilt key manager component to handle these functionalities.
API Manager also offers the flexibility to use an external key manager instead of its inbuilt one should you require to do so. This external key manager needs to confirm to an interface specified by API manager. By default, API has an implementation of this interface that allows WSO2 Identity Server to used an external key manager.
So whether or not you want to use Identity Server or any other external key manager is totally dependent on your use case and the API traffic.
You can use WSO2 Identity Server for all the authentication/authorization stuff:
XACML Architecture solution.
SSO with anothers webapps or WSO2 tools.
Implement a Oauth2 autorization mechanish
Federate authentication
etc....
You can uso WSO2 API Manager for expose unsecure resultful apis or webservices as secure apis using Oauth with monitoring and billings functionallities
The key manager functionallity properly decouples the operations for creating OAuth applications and validating access tokens so that you can even plug in a third party-authorization server for key validations.
In a DEV enviroment you can work with WSO2 API Manager without the WSO2 Identity Server at all.
In a production enviroment it's recommended to use a separate WSO2 API Manager as a Key Manager or use the WSO2 Identity Server as the Key Manager
Evaluating Wso2 API Manager. I have dozens of various APIs that have been developed by several groups over the past few years, all authenticate with IIS windows authentication.
How can I configure Wso2 API Manager to call a backend OData API that is expecting Windows Authentication in the request?
I don't actually need to pass-through authentication from the calling user, I'd be okay specifying a dedicated service account that API Manager always used to call the backend services.
API Manager supports NTLM authentication. You can follow the sample in APIM_HOME/samples/NTLMGrantClient. This documentation explains this. Also please follow this blog.
The Endpoint Auth Type "Windows Authentification" is not supported by API Manager. You might want to consider activating "Basic" or "Digest" authentification on your service in IIS (both of them are supported by API Manager).
see: https://docs.wso2.com/display/AM1100/Basic+Auth
In the link
http://blog.facilelogin.com/2008/10/wsas-hiddedn-services.html I saw WSo2 Soap apis , can I get it's equivalent rest apis. And an example which shows how to pass authentication details. I need this one for wso2 Identity server.
In Identity server, You can find many management web services API that can be used for authentication, authorization, user management and so on. Could you let us know the API that you are looking for.. then we can say what is exact web service that you could use. As an example for XACML based authorization, there are "EntitlementService" web service where you can find more details here. But still rest API is not available for this service.
Normally it is mentioned these web service API as admin services in WSO2 products.
Currently (With IS 450), It has a rest API for user management based on SCIM where you find them here. However, you can expose all SOAP based API as Rest API using WSO2 APIM product.