I've seen that the WSO2 API manager version 1.4.0 offer the multi tenant capability, but apart from creating a new tenant in the carbon dashboard how can I have the different store and publisher applications for the different tenants.
My expectation is that I can have two different looks for the two tenants (even just applying different theme to the jaggery application), but I'm loosing where do I have to configure the existance of the tenant and How can I operate as a admin#tenant1 or admin#tenant2 to publish and consume in the store the API.
Thanks
Different theme support is not available. But when you publish an API as a tenant, it will be available in that particular tenant store.
If you create a tenant, it will be a tenant admin. And for that tenant, you can create tenant users with different permissions. (That is login as tenant from management console and create users/roles etc..)
I think you can't change the look and feel for each tenant. In multitenancy you can create multiple tenants and each tenant can publish their APIs, so that will affect and available to only that tenant.
You can log into publisher and store using tenant username and tenant password.
Related
I am using wso2 apim 4.0.0. Some dozen of apis are deployed and published on it by admin user. Consequently the provider of those apis is admin(in wso2 db). The question that I would like to ask is if it possible to change api provider to another user. If it is then how to do that?
I tried to change it directly in wso2am_db (wso2 api manager database), but haven't succeeded.
this is not possible. Provider is user who created api. You can log in like admin, delete your api. Log in(in publisher or restfull api) like a different user and then create/deploy your api.
The API Provider will always be the user who creates the API. Directly updating the tables may result in data inconsistency. If you want to show it as owned by a different user in Developer Portal, you can add that user as Business Owner of the API, under Business Info.
I am using wso2 API manager 3.1.0 and wso2 IS as KM 5.10.0 . I created the tenants in API manager's carbon console. When I created some APIs via super tenant's publisher portal and set the subscription availability to specific tenants as shown in below figure. Also the developer portal visibility is set to public.
But when I login to the developer portals of one of the tenant to which I configured the subscription to be availble in previous step I am unable to see the API. Is this a Bug?
If you checked for the API in the specific tenant's Developer Portal, the API will not be visible. Since the API is created by the super tenant which is carbon.super, the API is only accessible from the carbon.super developer portal space. If you login as a different tenant to the carbon.super developer portal space, then you will be able to see the API.
The API will be visible and subscribable for the tenants that you have specified under "Subscription Availability" section in Publisher given their visibility is Public according to your scenario. For this you have to login to carbon.super Developer Portal Space.
See the image below where you can select the tenant developer portal you need to log into. Try logging into carbon.super space with the specific tenant credentials.
Is tenant functionality useful for a saas web application? In wso2 docs the tenants are useful for multiple departments, but in my case I have multiple clientes with your own users.
How can I share my saas application between multiple tenant, if this tenant are isolated?
What’s the best way of use the wso2 capabilities for saas apps, using roles and access attributes (abac) ?
You can use the tenant functionality for your requirement. You can configure a service provider as the SaaS application, then that application can be access by all other tenant members.
By default, the SaaS Application check box is disabled, which means the web application is not shared among tenants so only users in the current tenant (the one you use to define the service provider) will be allowed to log into the web application. Alternatively, if you enabled the SaaS Application check box, that means this web application is shared among tenants so users from any tenant will be allowed to log into the web application.
You can refer here for more info
What’s the best way of use the wso2 capabilities for saas apps, using roles and access attributes (abac) ?
If you meant to configure the authentication mechanism for the saas apps using roles and access attributes, you can use the Adaptive Authentication feature. This feature will allow you to control the authentication/ authorization flow using simple javascript
I am trying to develop a data integration service which will be used in multi-tenant mode. We are exploring different solutions available, and WSO2 is one of them. I am using WSO2 EI 6.1.1 (Carbon).
I have created two tenants from superuser's management console, and deployed the *.car file from each tenant's login.
My understanding of multi-tenancy was that single deployement is done, and multiple tenants/users of the system access the same deployed service without interferring each other or getting blocked.
But here, I have to deploy the same carbon application for each tenant (twice in my case) from management console. How is it multi-tenant then?
I think you have didn't clearly understand the what is an tenant. Consider tenant as a separate organization. For e.g if you take Alphabet, you have Google, Youtube, Maps, etc... Those are your tenants. So each tenant can have their own set of apps.
If you want all the tenant users to access a particular app I think you can mark that as a SaaS app. That way any user from any tenant can access that particular app.
Hope that gives you a clear idea.
You can refer to https://docs.wso2.com/display/AM200/Multi-tenant+Architecture for more details about tenancy concept in WSO2
In publishing in managing step we set "Available to specific Tenants " with a tenant domain list , After publishing the API specified tenants can not see the API in the API store of the specified tenant.
and tenants which are not specified for the api can generate token with their own user credential and client id ,client secret of different tenant.
Thanks for any suggestion.
Although API subscription can be allowed to different tenant domains, API subscribers need to login to original API store with their creditial, discover the API and subscribe.
You can refere this document for making this API visible to those external tenant stores