APIM v4.1.0 revoke the token when invoking an API

Add the following to <APIM_HOME>/repository/conf/deployment.toml.

  1. This is to preserve the Authorization header in the messages — https://apim.docs.wso2.com/en/latest/reference/faq/#how-can-i-add-authentication-headers-to-messages-going-out-of-the-api-gateway-to-the-backend
[apim.oauth_config]
enable_outbound_auth_header=true
  2. This registers a message builder for text/html payloads, so such responses can be processed by the mediation flow instead of being passed through untouched.
[message_builder]
text_html = "org.apache.axis2.builder.ApplicationXMLBuilder"
  3. This lets Synapse fall back to DOM-based XPath evaluation when the default evaluation of an expression fails.
[synapse_properties]
'synapse.xpath.dom.failover.enabled'=true
  • With the above configurations in place, restart the APIM server.
  • Create, publish and deploy a new API[1],[2],[3].
  • Subscribe this API with an Application[4]. You will need the consumer key and secret pair of this Application.
  • Save the below policy content to a .xml file (ex: revokeToken.xml). Replace <Base64 encoded{consumerKey:consumerSecret}> with the Base64 encoding of the string consumerKey:consumerSecret.
<header name="Authorization" scope="transport" value="Basic <Base64 encoded{consumerKey:consumerSecret}>"/>
Ex:
<header name="Authorization" scope="transport" value="Basic ajFYUE8yVGdCck92dFBVWk0yd0Y2V0tSa21RYTpReVdLODY2djd2eEdkWTRMb3ZMaF8zOVppNTBh"/>
  • Create a new policy in the Publisher and upload this file.
(Screenshot: Create new policy window)
  • After adding the policy, engage it on the required resources by dragging and dropping the policy onto them.
(Screenshot: Adding policy to the resource)
  • Then Save and Deploy the changes.
When the API is invoked again with the same token, the gateway rejects it and logs:
ERROR - JWTValidator Invalid JWT token. XXXXX":"RS256"}
WARN - APIAuthenticationHandler API authentication failure due to Invalid Credentials
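The article shows only the <header> line of the policy. As an added example (not the article's own file and not something shipped by WSO2), the fragment below sketches what a complete revokeToken.xml could look like in the same style: a list of Synapse mediators that the gateway engages on the resource's request flow. The revoke endpoint URL (https://localhost:8243/revoke), the property names INCOMING_AUTH and ACCESS_TOKEN, and the choice of payloadFactory and call mediators are assumptions; the <Base64 encoded{...}> placeholder must be replaced exactly as the article says, because a literal < is not valid inside an XML attribute.

```xml
<!-- Added example: assumed full content of revokeToken.xml, written as a
     mediator fragment like the <header> line in the article. The endpoint
     URL and the property names are assumptions, not taken from the article. -->

<!-- Keep the incoming "Authorization: Bearer <token>" before it is replaced.
     enable_outbound_auth_header=true is what keeps this header available here. -->
<property name="INCOMING_AUTH" expression="$trp:Authorization" scope="default"/>
<property name="ACCESS_TOKEN"
          expression="substring-after(get-property('INCOMING_AUTH'), 'Bearer ')"
          scope="default"/>

<!-- /revoke takes an application/x-www-form-urlencoded body: token=<token>.
     With messageType set to form-urlencoded, the child elements of the XML
     payload are serialised as key=value pairs on the wire. -->
<payloadFactory media-type="xml">
    <format>
        <revokeRequest xmlns="">
            <token>$1</token>
        </revokeRequest>
    </format>
    <args>
        <arg evaluator="xml" expression="get-property('ACCESS_TOKEN')"/>
    </args>
</payloadFactory>
<property name="messageType" value="application/x-www-form-urlencoded" scope="axis2"/>
<property name="ContentType" value="application/x-www-form-urlencoded" scope="axis2"/>

<!-- Authenticate to /revoke as the subscribed application, exactly as in the
     article. Replace the placeholder with base64(consumerKey:consumerSecret). -->
<header name="Authorization" scope="transport"
        value="Basic <Base64 encoded{consumerKey:consumerSecret}>"/>

<!-- Blocking call, so the token is revoked before the request reaches the backend. -->
<call blocking="true">
    <endpoint>
        <http method="POST" uri-template="https://localhost:8243/revoke"/>
    </endpoint>
</call>

<!-- Record the revoke response status (200 on success) in the gateway log. -->
<log level="custom">
    <property name="revokeStatus" expression="$axis2:HTTP_SC"/>
</log>
```

Three caveats a practitioner should keep in mind with a policy of this shape. The call mediator replaces the message body with the revoke endpoint's response, so on a resource that carries a request body the original payload has to be saved and restored (for example with the enrich mediator) or the backend receives the wrong body. The consumer secret sits in plain text inside the policy artifact, so access to the Publisher policy and to the deployed gateway artifacts has to be restricted as you would for any credential. And because the call is blocking, every invocation of the resource pays one extra round trip to the revoke endpoint before the backend is called.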
