Create Access Token using SAML2 Bearer Grant Type and Invoke APIS in wso2 API Manager

First we need to create an API in wso2 API Manager and obtain the client id and secret. Then we can use travelocity sample application in wso2 Identity server to generate access token.


Configure travelocity Sample Application

In order to use travelocity sample application we need to change following configurations in travelocity.properties file which is located in  <Tomcat_Home>/webapps/travelocity.com/WEB-INF/classes

EnableSAML2Grant=true

OAuth2.TokenURL=https://localhost:8244/token (This is the token endpoint of APIM. The APIM is running with a port offset of 1)

OAuth2.ClientId=TTAoWMohG0lcO8UmN8CRskDT0uMa (Client Id and Client Secret of API)
OAuth2.ClientSecret=tFdgrDb8BNxPkqWoBmTL7rvGBLEa

Configure Identity Server to add travelocty application

 













The AudienceRestriction and the Recipient values we configure here should be equal and the same value shuld be configured as the alias.




Configure Identiy Provider in APIM

 


The public certificate of the primary keystore should be imported to the identity provider.

Then once we login to travelocity application and click on Request OAuth2 Access Token link it is able to obtain the access token to invoke the relevant API in the API Manager.


Comments

Popular posts from this blog

Applying CORS Filter to wso2 Identity Server

JWKS endpoint of wso2 IS

Start WSO2 Identity Server 5.1 as windows Service