I am new to WSO2 API Manager and Identity Server. I have one requirement - to use customized OAUTH2.0 in WSO2 IS with WSO2 API Manager. Could you please let me know If there are any samples or examples for this requirement.
You can register your custom Oauth Provider as IDP in WSO2 Identity Server. You can refere this blog [Federated Authentication] OpenID-Connect IDP with WSO2 Identity Server on how to do that.
WSO2 API Manager don't support this. So, You have to combine WSO2 Identity Server with API Manager (Identity Server as Key Manager with API Manager).
Related
We are currently have 2.6.0 wso2 api manager and we hace a requirements to add multi factor authentication for our wso2 api manager.I have got the steps to add multi factor authentication for wso2 identity server from the official documentstion(given link below).Can u clarify if the steps are same for both identity server and api manager. Can u also clarify whether we can implement this steps in 2.6.0 version wso2 api manager.
I have referred the below link for enabling MFA
https://is.docs.wso2.com/en/latest/learn/configuring-sms-otp/
As out-of-the-box, the WSO2 API Manager doesn't support full-fledged Identity capabilities. Therefore, if you want to secure your Portals with MFA, it is recommended to configure an Identity Server as Key Manager with WSO2 API Manager.
Follow this documentation to configure WSO2 Identity Server as Key Manager with WSO2 API Manager v2.6.0.
I have setup an environment with WSO2 Identity Server(wso2is-km-5.9.0) on Node 1 and WSO2 Api Manager(wso2am-3.0.0) on Node 2 where Node 1 serves all token related requests.
And my aim is to acheive SSO between all service providers that I on-board to this setup, but in WSO2 API manager(3.0.0) the publisher and devportal are by default SAML integrated with API- manager.
How do I change SSO login of Devportal and Publisher from API-manager to Identity-Server, as the Publisher and Devportal are now using token issued by API-manager and the Service Providers are using token issued by Identity server, therefore SSO is not happening between these entities.
To achieve SSO between saml apps in APIM, you can configure IS as a federated IDP in APIM and do SSO with Identity Server.
Please refer to this document to configure Identity Server as an IDP for SSO https://apim.docs.wso2.com/en/latest/Learn/Extensions/SAML2SSO/configuring-identity-server-as-idp-for-sso/
i m new learner for wso2
wso2 - oauth, user Management and my other service available in predix.
so i have used wso2 identity server for oauth and user management.
Problem :
1) how to integrate predix(idp)
2) how to used this things using REST API
For your first question, I understood that you need to integrate the mentioned Idp as federated Identity Provider in WSO2 Identity Server. Doc - https://docs.wso2.com/display/IS570/Configuring+Federated+Authentication guides the steps to configure federated authentication.
Currently, WSO2 IS don't have a build in authenticator for the Prefix. But as the Prefix support OIDC flow, you should be able to WSO2 OIDC federated authenticator. Steps can be found here
I haven't got the chance to test with Prefix. But it needs to work
i am newbie to the WSO2 identity server 5.0 service pack one.
I've been so confused lately that, what is different between identity provider and an outbound authentication?
How can i usage each of them ?
if i define a custom user store authentication, when must be used a custom authentication in Authentication endpoint? what is difference and usage each of them?
Identity providers are providing identity for users to interact with a system. As an example here in wso2 identity server we can configure Facebook as an Identity Provider(IDP). By doing this we can allow users to be logged into Service Providers using facebook credentials. you can follow the blog in [1] to test Wso2 IS with facebook IDP. Otherthan facebook we can use google, Live, Yahoo, etc. as IDP with IS.
[1] http://prasadtissera.blogspot.com/2014/04/login-with-facebook-for-wso2-identity.html
Thanks
Does WSO2 support a use case wherein its a SAML service provider instead of being an Identity provider?
I want to do a sample use case where wso2 is the identity provider and another instance that is a service provider. Is it possible to use wso2 as a service provider.
Yes.. It is possible, Because WSO2 Carbon product has an authentication framework that we can plug any authenticators. There is SAML2 SSO authenticator (Relying part) that can be plugged with Carbon server. You can find more details about it from WSO2 documentation from here