SlideShare uma empresa Scribd logo

Extending WSO2 API Manager's Key Management Capabilities - WSO2 API Manager Community Call (1/21/2021)

WSO2
WSO2

In this community call, we will discuss extending WSO2 API Manager's key management capabilities including: - An overview of key manager connectors in WSO2 API Manager - Implementing a custom key manager connector - GUI features of the connectors for easier configuration - Event-based token revocation Resources: - https://github.com/wso2-extensions/apim-km-auth0 Sign up to get notified of future calls: https://bit.ly/373f4ae WSO2 API Manager Community Channels: - Slack: https://apim-slack.wso2.com - Twitter: https://twitter.com/wso2apimanager

Tecnologia
1 de 31
Baixar para ler offline
January 21, 2021 Session 20
Hello! Menaka Jayawardena menaka@wso2.com
Agenda
● Recap ● An overview of key manager connectors in WSO2 API Manager ● Implementing a custom key manager connector ● GUI features of the connectors for easier configuration ● Event-based token revocation ● Q&A Agenda 4
Recap from Community Call #10
Quick Recap ● Key manager as a component ● Operations of Key Manager ⦿ Token generation/ revocation ⦿ Authentication and authorization ⦿ Federation and more... ● How Key Manager is evolved ⦿ Before AM 1.9.0 : Tightly coupled Key Manager ⦿ AM 1.9 - 3.1.0 : Key Manager extensions ⦿ From 3.2.0 : Connectors and pure 3rd party key managers Watch API Key Manager (Community Call #10) @ API Life on YouTube 6
An Overview of Key Manager Connectors in WSO2 API Manager
Why 3rd Party Key Managers and Why We Need a Connector? We have to use a 3rd party Key Manager because ● Organization/ Client already has a key management solution in place ● Organizational policies We need a connector because, key managers ● Can have different set of configurations ● Support different functionalities ● Use different API endpoints, etc. 8
API Manager Scenario Key Manager: foo Key Manager: bar 9
Key Manager: foo Key Manager: bar API Manager Scenario Foo Connector Bar Connector 10
Key Manager Connector Functionality Create/ Get / Update/ Delete OAuth applications Generate access tokens Token introspection Connector Key Manager 11
Advantages of a Key Manager Connector ● Easily deployable ● Configure multiple Key Managers at the same time ● Configurable per API ● No file-based configurations 12
Available Key Manager Connectors ● WSO2 Identity Server ● Okta ● Key Cloak ● Ping ● Auth0 13
Implementing a Custom Key Manager Connector
How a Key Manager Connector is Implemented ● Carbon feature project (OSGI bundle) ● Uses Key Manager’s public APIs ● Extends AbstractKeyManager class ⦿ Overrides common key manager functions ⦾ Creating applications ⦾ Generating tokens, etc. ● Implements KeyManagerConnectorConfiguration ⦿ Defines Key Manager specific configuration options ⦾ Required admin credentials ⦾ Application related configuration 15
Project Structure ● Component ⦿ The implementation of the connector (source code) ● Feature ⦿ Builds the component zip file with all the required resources More info: How to write a WSO2 Carbon Component 16
Auth0OAuthClient.java ● Extends the AbstractKeyManager class ● Overrides required methods Method Description loadConfiguration() Loads the key manager configuration and initializes the key manager client createApplication() Creates oauth application in key manager getNewApplicationAccessToken() Generates access token getTokenMetaData() Validates and gets token information 17
Auth0ConnectorConfiguration.java ● Implements the KeyManagerConnectorConfiguration class ● Service component of the connector ● Used to define key manager specific configuration parameters ● Dynamically generates the UI Method Description getConnectionConfigurations() Returns the key manager’s connection related configuration, i.e credentials, token endpoint. getApplicationConfigurations() Creates oauth application in key manager getType() Returns the key manager type getDisplayName() Returns the key manager’s configured display name 18
Build and Deploy ● Build the project with maven mvn clean install ● Copy {PROJECT_HOME}/components/<package-name>/target/{CONNECTOR_NAME}-{Versio n}.jar file into {API-M_HOME}/repository/components/dropins directory ● Start WSO2 API Manager server ./wso2server.sh or wso2server.bat 19
GUI Features of the Connector for Easier Configuration
GUI Features of a Key Manager Connector ● Use the WSO2 API Manager admin portal to add a Key Manager ● UI based, dynamic configuration generation for KM specific configs ⦿ Connection and application configuration ● API and application level Key Manager configuration ⦿ Select which key manager should be used with an API ⦿ Configure key manager specific application parameters 21
Dynamic Configuration Generation - Admin Portal Admin Portal > Key Managers > Add New Key Manager > Auth0 Configuration related to Key Manager APIs 22
Dynamic Configuration Generation - Developer Portal Developer Portal > Application > Oauth2 Tokens Configuration related to applications created in the Key Manager 23
Event-based Token Revocation
Event-based Token Revocation ● Gateway caches need to be invalidated and revoked token information should be persisted upon revocation ● When Key Manager is externalized, there should be a system to notify the gateways ● Key Manager should send the revoked token information (WSO2 Identity Server - Revocation Event, Okta: Event Hooks) ● Depends on different Key Managers ● Currently implemented for WSO2 Identity Server 25
Event-based Token Revocation - Message Flow ● User invokes the revoke endpoint with the token to be revoked ● Key Manager invokes the /internal/data/v1/notify endpoint of Traffic Manager with revoked token information ● Traffic Manager processes the revoke token information, persists the revoked token signature in DB ● Traffic Manager generates the token revocation event and sends to the gateway via JMS ● Gateway invalidates the token caches relevant to the revoked token ● The revoked token jti is added in to the revoked token map in Gateway 26
Event-based Token Revocation - Message Flow /revoke /internal/data/v1/notify Token Revocation Event Key Manager HTTP HTTP JMS Token Info (jti, etc) 27 Persist revoked token signature AM_DB ● Invalidate token Cache ● Updates Revoked token map
More Info ● API Key Manager (Community Call #10) @API Life https://www.youtube.com/watch?v=a37MHagB8So&list=PLC7QzKjxCjo2GBxV c0Rr0LXyNryZVwAts&index=9 ● Securing APIs with WSO2 API Manager and Okta, WSO2 Webinar https://www.youtube.com/watch?v=z9mXnC-0clo 28
Question Time!
30 Next Session ● Thursday, February 18, 2021 ● Click on the community call page link to get notified of the next call or submit your topic suggestions ⦿ Page - https://wso2.com/community/api-management/#CommunityCall ● You can join our ongoing conversations on WSO2 API Manager using the following channels ⦿ Slack invite - apim-slack.wso2.com ⦿ Twitter - @wso2apimanager ⦿ Email - dev@wso2.org ● You can find out more about our product by visiting ⦿ YouTube - bit.do/wso2apimanager ⦿ Website - WSO2 30
Thanks!

Recomendados

Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0WSO2
 
WSO2 API Manager 2.0 - Overview
WSO2 API Manager 2.0 - Overview WSO2 API Manager 2.0 - Overview
WSO2 API Manager 2.0 - Overview Edgar Silva
 
How to migrate an application in IBM APIc, and preserve its client credential
How to migrate an application in IBM APIc, and preserve its client credentialHow to migrate an application in IBM APIc, and preserve its client credential
How to migrate an application in IBM APIc, and preserve its client credentialShiu-Fun Poon
 
RabbitMQ
RabbitMQRabbitMQ
RabbitMQLenz Gschwendtner
 
IBM Integration Bus and REST APIs - Sanjay Nagchowdhury
IBM Integration Bus and REST APIs - Sanjay NagchowdhuryIBM Integration Bus and REST APIs - Sanjay Nagchowdhury
IBM Integration Bus and REST APIs - Sanjay NagchowdhuryKaren Broughton-Mabbitt
 
[WSO2 API Manager Community Call] Mastering JWTs with WSO2 API Manager
[WSO2 API Manager Community Call] Mastering JWTs with WSO2 API Manager[WSO2 API Manager Community Call] Mastering JWTs with WSO2 API Manager
[WSO2 API Manager Community Call] Mastering JWTs with WSO2 API ManagerWSO2
 
Troubleshooting and Best Practices with WSO2 Enterprise Integrator
Troubleshooting and Best Practices with WSO2 Enterprise IntegratorTroubleshooting and Best Practices with WSO2 Enterprise Integrator
Troubleshooting and Best Practices with WSO2 Enterprise IntegratorWSO2
 
Api Gateway
Api GatewayApi Gateway
Api GatewayKhaqanAshraf
 

Recomendados

Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0Highlights of WSO2 API Manager 4.0.0
Highlights of WSO2 API Manager 4.0.0WSO2
 
WSO2 API Manager 2.0 - Overview
WSO2 API Manager 2.0 - Overview WSO2 API Manager 2.0 - Overview
WSO2 API Manager 2.0 - Overview Edgar Silva
 
How to migrate an application in IBM APIc, and preserve its client credential
How to migrate an application in IBM APIc, and preserve its client credentialHow to migrate an application in IBM APIc, and preserve its client credential
How to migrate an application in IBM APIc, and preserve its client credentialShiu-Fun Poon
 
RabbitMQ
RabbitMQRabbitMQ
RabbitMQLenz Gschwendtner
 
IBM Integration Bus and REST APIs - Sanjay Nagchowdhury
IBM Integration Bus and REST APIs - Sanjay NagchowdhuryIBM Integration Bus and REST APIs - Sanjay Nagchowdhury
IBM Integration Bus and REST APIs - Sanjay NagchowdhuryKaren Broughton-Mabbitt
 
[WSO2 API Manager Community Call] Mastering JWTs with WSO2 API Manager
[WSO2 API Manager Community Call] Mastering JWTs with WSO2 API Manager[WSO2 API Manager Community Call] Mastering JWTs with WSO2 API Manager
[WSO2 API Manager Community Call] Mastering JWTs with WSO2 API ManagerWSO2
 
Troubleshooting and Best Practices with WSO2 Enterprise Integrator
Troubleshooting and Best Practices with WSO2 Enterprise IntegratorTroubleshooting and Best Practices with WSO2 Enterprise Integrator
Troubleshooting and Best Practices with WSO2 Enterprise IntegratorWSO2
 
Api Gateway
Api GatewayApi Gateway
Api GatewayKhaqanAshraf
 
Spring Boot+Kafka: the New Enterprise Platform
Spring Boot+Kafka: the New Enterprise PlatformSpring Boot+Kafka: the New Enterprise Platform
Spring Boot+Kafka: the New Enterprise PlatformVMware Tanzu
 
Exposing services with Azure API Management
Exposing services with Azure API ManagementExposing services with Azure API Management
Exposing services with Azure API ManagementCallon Campbell
 
Api gateway in microservices
Api gateway in microservicesApi gateway in microservices
Api gateway in microservicesKunal Hire
 
Reactive programming by spring webflux - DN Scrum Breakfast - Nov 2018
Reactive programming by spring webflux - DN Scrum Breakfast - Nov 2018Reactive programming by spring webflux - DN Scrum Breakfast - Nov 2018
Reactive programming by spring webflux - DN Scrum Breakfast - Nov 2018Scrum Breakfast Vietnam
 
OAuth2 - Introduction
OAuth2 - IntroductionOAuth2 - Introduction
OAuth2 - IntroductionKnoldus Inc.
 
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)WSO2
 
Kong API
Kong APIKong API
Kong APIPatrick Pierson
 
Introduction to Spring Cloud
Introduction to Spring Cloud Introduction to Spring Cloud
Introduction to Spring Cloud VMware Tanzu
 
Understanding REST APIs in 5 Simple Steps
Understanding REST APIs in 5 Simple StepsUnderstanding REST APIs in 5 Simple Steps
Understanding REST APIs in 5 Simple StepsTessa Mero
 
OpenShift Meetup - Tokyo - Service Mesh and Serverless Overview
OpenShift Meetup - Tokyo - Service Mesh and Serverless OverviewOpenShift Meetup - Tokyo - Service Mesh and Serverless Overview
OpenShift Meetup - Tokyo - Service Mesh and Serverless OverviewMaría Angélica Bracho
 
API Security Best Practices and Guidelines
API Security Best Practices and GuidelinesAPI Security Best Practices and Guidelines
API Security Best Practices and GuidelinesWSO2
 
Swagger With REST APIs.pptx.pdf
Swagger With REST APIs.pptx.pdfSwagger With REST APIs.pptx.pdf
Swagger With REST APIs.pptx.pdfKnoldus Inc.
 
APIs in a Microservice Architecture
APIs in a Microservice ArchitectureAPIs in a Microservice Architecture
APIs in a Microservice ArchitectureWSO2
 
Gateway/APIC security
Gateway/APIC securityGateway/APIC security
Gateway/APIC securityShiu-Fun Poon
 
Amazon API Gateway
Amazon API GatewayAmazon API Gateway
Amazon API GatewayAmazon Web Services
 
Event driven microservices
Event driven microservicesEvent driven microservices
Event driven microservicesAnthony Martin
 
Introduction to APIs
Introduction to APIsIntroduction to APIs
Introduction to APIsCamille Baldock
 
An introduction to OAuth 2
An introduction to OAuth 2An introduction to OAuth 2
An introduction to OAuth 2Sanjoy Kumar Roy
 
What is an API Gateway?
What is an API Gateway?What is an API Gateway?
What is an API Gateway?LunchBadger
 
Container Patterns
Container PatternsContainer Patterns
Container PatternsMatthias Luebken
 
[Webinar] WSO2 API Microgateway with Okta as Key Manager
[Webinar] WSO2 API Microgateway with Okta as Key Manager[Webinar] WSO2 API Microgateway with Okta as Key Manager
[Webinar] WSO2 API Microgateway with Okta as Key ManagerWSO2
 
Integrating Okta with Anypoint Platform for a mobile security use case
Integrating Okta with Anypoint Platform for a mobile security use caseIntegrating Okta with Anypoint Platform for a mobile security use case
Integrating Okta with Anypoint Platform for a mobile security use caseBahman Kalali
 

Mais conteúdo relacionado

Mais procurados

Spring Boot+Kafka: the New Enterprise Platform
Spring Boot+Kafka: the New Enterprise PlatformSpring Boot+Kafka: the New Enterprise Platform
Spring Boot+Kafka: the New Enterprise PlatformVMware Tanzu
 
Exposing services with Azure API Management
Exposing services with Azure API ManagementExposing services with Azure API Management
Exposing services with Azure API ManagementCallon Campbell
 
Api gateway in microservices
Api gateway in microservicesApi gateway in microservices
Api gateway in microservicesKunal Hire
 
Reactive programming by spring webflux - DN Scrum Breakfast - Nov 2018
Reactive programming by spring webflux - DN Scrum Breakfast - Nov 2018Reactive programming by spring webflux - DN Scrum Breakfast - Nov 2018
Reactive programming by spring webflux - DN Scrum Breakfast - Nov 2018Scrum Breakfast Vietnam
 
OAuth2 - Introduction
OAuth2 - IntroductionOAuth2 - Introduction
OAuth2 - IntroductionKnoldus Inc.
 
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)WSO2
 
Introduction to Spring Cloud
Introduction to Spring Cloud Introduction to Spring Cloud
Introduction to Spring Cloud VMware Tanzu
 
Understanding REST APIs in 5 Simple Steps
Understanding REST APIs in 5 Simple StepsUnderstanding REST APIs in 5 Simple Steps
Understanding REST APIs in 5 Simple StepsTessa Mero
 
OpenShift Meetup - Tokyo - Service Mesh and Serverless Overview
OpenShift Meetup - Tokyo - Service Mesh and Serverless OverviewOpenShift Meetup - Tokyo - Service Mesh and Serverless Overview
OpenShift Meetup - Tokyo - Service Mesh and Serverless OverviewMaría Angélica Bracho
 
API Security Best Practices and Guidelines
API Security Best Practices and GuidelinesAPI Security Best Practices and Guidelines
API Security Best Practices and GuidelinesWSO2
 
Swagger With REST APIs.pptx.pdf
Swagger With REST APIs.pptx.pdfSwagger With REST APIs.pptx.pdf
Swagger With REST APIs.pptx.pdfKnoldus Inc.
 
APIs in a Microservice Architecture
APIs in a Microservice ArchitectureAPIs in a Microservice Architecture
APIs in a Microservice ArchitectureWSO2
 
Gateway/APIC security
Gateway/APIC securityGateway/APIC security
Gateway/APIC securityShiu-Fun Poon
 
Event driven microservices
Event driven microservicesEvent driven microservices
Event driven microservicesAnthony Martin
 
An introduction to OAuth 2
An introduction to OAuth 2An introduction to OAuth 2
An introduction to OAuth 2Sanjoy Kumar Roy
 
What is an API Gateway?
What is an API Gateway?What is an API Gateway?
What is an API Gateway?LunchBadger
 

Mais procurados (20)

Spring Boot+Kafka: the New Enterprise Platform
Spring Boot+Kafka: the New Enterprise PlatformSpring Boot+Kafka: the New Enterprise Platform
Spring Boot+Kafka: the New Enterprise Platform
 
Exposing services with Azure API Management
Exposing services with Azure API ManagementExposing services with Azure API Management
Exposing services with Azure API Management
 
Api gateway in microservices
Api gateway in microservicesApi gateway in microservices
Api gateway in microservices
 
Reactive programming by spring webflux - DN Scrum Breakfast - Nov 2018
Reactive programming by spring webflux - DN Scrum Breakfast - Nov 2018Reactive programming by spring webflux - DN Scrum Breakfast - Nov 2018
Reactive programming by spring webflux - DN Scrum Breakfast - Nov 2018
 
OAuth2 - Introduction
OAuth2 - IntroductionOAuth2 - Introduction
OAuth2 - Introduction
 
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
Workflows in WSO2 API Manager - WSO2 API Manager Community Call (12/15/2021)
 
Kong API
Kong APIKong API
Kong API
 
Introduction to Spring Cloud
Introduction to Spring Cloud Introduction to Spring Cloud
Introduction to Spring Cloud
 
Understanding REST APIs in 5 Simple Steps
Understanding REST APIs in 5 Simple StepsUnderstanding REST APIs in 5 Simple Steps
Understanding REST APIs in 5 Simple Steps
 
OpenShift Meetup - Tokyo - Service Mesh and Serverless Overview
OpenShift Meetup - Tokyo - Service Mesh and Serverless OverviewOpenShift Meetup - Tokyo - Service Mesh and Serverless Overview
OpenShift Meetup - Tokyo - Service Mesh and Serverless Overview
 
API Security Best Practices and Guidelines
API Security Best Practices and GuidelinesAPI Security Best Practices and Guidelines
API Security Best Practices and Guidelines
 
Swagger With REST APIs.pptx.pdf
Swagger With REST APIs.pptx.pdfSwagger With REST APIs.pptx.pdf
Swagger With REST APIs.pptx.pdf
 
APIs in a Microservice Architecture
APIs in a Microservice ArchitectureAPIs in a Microservice Architecture
APIs in a Microservice Architecture
 
Gateway/APIC security
Gateway/APIC securityGateway/APIC security
Gateway/APIC security
 
Amazon API Gateway
Amazon API GatewayAmazon API Gateway
Amazon API Gateway
 
Event driven microservices
Event driven microservicesEvent driven microservices
Event driven microservices
 
Introduction to APIs
Introduction to APIsIntroduction to APIs
Introduction to APIs
 
An introduction to OAuth 2
An introduction to OAuth 2An introduction to OAuth 2
An introduction to OAuth 2
 
What is an API Gateway?
What is an API Gateway?What is an API Gateway?
What is an API Gateway?
 
Container Patterns
Container PatternsContainer Patterns
Container Patterns
 

Semelhante a Extending WSO2 API Manager's Key Management Capabilities - WSO2 API Manager Community Call (1/21/2021)

[Webinar] WSO2 API Microgateway with Okta as Key Manager
[Webinar] WSO2 API Microgateway with Okta as Key Manager[Webinar] WSO2 API Microgateway with Okta as Key Manager
[Webinar] WSO2 API Microgateway with Okta as Key ManagerWSO2
 
Integrating Okta with Anypoint Platform for a mobile security use case
Integrating Okta with Anypoint Platform for a mobile security use caseIntegrating Okta with Anypoint Platform for a mobile security use case
Integrating Okta with Anypoint Platform for a mobile security use caseBahman Kalali
 
WSO2 API Microgateway for Easier Development and Greater Scalability
WSO2 API Microgateway for Easier Development and Greater ScalabilityWSO2 API Microgateway for Easier Development and Greater Scalability
WSO2 API Microgateway for Easier Development and Greater ScalabilityWSO2
 
Flink Forward San Francisco 2019: Building Financial Identity Platform using ...
Flink Forward San Francisco 2019: Building Financial Identity Platform using ...Flink Forward San Francisco 2019: Building Financial Identity Platform using ...
Flink Forward San Francisco 2019: Building Financial Identity Platform using ...Flink Forward
 
INTERFACE, by apidays - The Evolution of API Security by Johann Dilantha Nal...
INTERFACE, by apidays - The Evolution of API Security by Johann Dilantha Nal...INTERFACE, by apidays - The Evolution of API Security by Johann Dilantha Nal...
INTERFACE, by apidays - The Evolution of API Security by Johann Dilantha Nal...apidays
 
[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...
[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...
[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...WSO2
 
How to Install and Configure your own Identity Manager GE
How to Install and Configure your own Identity Manager GEHow to Install and Configure your own Identity Manager GE
How to Install and Configure your own Identity Manager GEFederico Fernández Moreno
 
How to Install & Configure Your Own Identity Manager GE
How to Install & Configure Your Own Identity Manager GEHow to Install & Configure Your Own Identity Manager GE
How to Install & Configure Your Own Identity Manager GEFIWARE
 
GIT as Mikrotik Configuration Management
GIT as Mikrotik Configuration ManagementGIT as Mikrotik Configuration Management
GIT as Mikrotik Configuration ManagementGLC Networks
 
[Workshop] API Management in Microservices Architecture
[Workshop] API Management in Microservices Architecture[Workshop] API Management in Microservices Architecture
[Workshop] API Management in Microservices ArchitectureWSO2
 
DevConf.CZ 2020 @ Brno, Czech Republic : WebAuthn support for keycloak
DevConf.CZ 2020 @ Brno, Czech Republic : WebAuthn support for keycloakDevConf.CZ 2020 @ Brno, Czech Republic : WebAuthn support for keycloak
DevConf.CZ 2020 @ Brno, Czech Republic : WebAuthn support for keycloakHitachi, Ltd. OSS Solution Center.
 
[APIdays NY] Managing the usage of Asynchronous APIs: What does it take?
[APIdays NY] Managing the usage of Asynchronous APIs: What does it take?[APIdays NY] Managing the usage of Asynchronous APIs: What does it take?
[APIdays NY] Managing the usage of Asynchronous APIs: What does it take?WSO2
 
A Detailed Guide to Securing React applications with Keycloak - WalkingTree ...
A Detailed Guide to Securing React applications with Keycloak - WalkingTree ...A Detailed Guide to Securing React applications with Keycloak - WalkingTree ...
A Detailed Guide to Securing React applications with Keycloak - WalkingTree ...Ganesh Kumar
 
WMUG NL Tuesday - Latest and greatest in the world of Configuration Manager
WMUG NL Tuesday - Latest and greatest in the world of Configuration ManagerWMUG NL Tuesday - Latest and greatest in the world of Configuration Manager
WMUG NL Tuesday - Latest and greatest in the world of Configuration ManagerTim De Keukelaere
 
How to Create Blockchain Products by Slice.Market CTO
How to Create Blockchain Products by Slice.Market CTOHow to Create Blockchain Products by Slice.Market CTO
How to Create Blockchain Products by Slice.Market CTOProduct School
 

Semelhante a Extending WSO2 API Manager's Key Management Capabilities - WSO2 API Manager Community Call (1/21/2021) (20)

[Webinar] WSO2 API Microgateway with Okta as Key Manager
[Webinar] WSO2 API Microgateway with Okta as Key Manager[Webinar] WSO2 API Microgateway with Okta as Key Manager
[Webinar] WSO2 API Microgateway with Okta as Key Manager
 
Integrating Okta with Anypoint Platform for a mobile security use case
Integrating Okta with Anypoint Platform for a mobile security use caseIntegrating Okta with Anypoint Platform for a mobile security use case
Integrating Okta with Anypoint Platform for a mobile security use case
 
WSO2 API Microgateway for Easier Development and Greater Scalability
WSO2 API Microgateway for Easier Development and Greater ScalabilityWSO2 API Microgateway for Easier Development and Greater Scalability
WSO2 API Microgateway for Easier Development and Greater Scalability
 
Flink Forward San Francisco 2019: Building Financial Identity Platform using ...
Flink Forward San Francisco 2019: Building Financial Identity Platform using ...Flink Forward San Francisco 2019: Building Financial Identity Platform using ...
Flink Forward San Francisco 2019: Building Financial Identity Platform using ...
 
INTERFACE, by apidays - The Evolution of API Security by Johann Dilantha Nal...
INTERFACE, by apidays - The Evolution of API Security by Johann Dilantha Nal...INTERFACE, by apidays - The Evolution of API Security by Johann Dilantha Nal...
INTERFACE, by apidays - The Evolution of API Security by Johann Dilantha Nal...
 
[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...
[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...
[APIdays INTERFACE 2021] The Evolution of API Security for Client-side Applic...
 
How to Install and Configure your own Identity Manager GE
How to Install and Configure your own Identity Manager GEHow to Install and Configure your own Identity Manager GE
How to Install and Configure your own Identity Manager GE
 
How to Install & Configure Your Own Identity Manager GE
How to Install & Configure Your Own Identity Manager GEHow to Install & Configure Your Own Identity Manager GE
How to Install & Configure Your Own Identity Manager GE
 
Meetup bangalore-may22nd2021
Meetup bangalore-may22nd2021Meetup bangalore-may22nd2021
Meetup bangalore-may22nd2021
 
Building APIs with Mule and Spring Boot
Building APIs with Mule and Spring BootBuilding APIs with Mule and Spring Boot
Building APIs with Mule and Spring Boot
 
GIT as Mikrotik Configuration Management
GIT as Mikrotik Configuration ManagementGIT as Mikrotik Configuration Management
GIT as Mikrotik Configuration Management
 
[Workshop] API Management in Microservices Architecture
[Workshop] API Management in Microservices Architecture[Workshop] API Management in Microservices Architecture
[Workshop] API Management in Microservices Architecture
 
Sprint 82
Sprint 82Sprint 82
Sprint 82
 
Mikrotik API
Mikrotik APIMikrotik API
Mikrotik API
 
DevConf.CZ 2020 @ Brno, Czech Republic : WebAuthn support for keycloak
DevConf.CZ 2020 @ Brno, Czech Republic : WebAuthn support for keycloakDevConf.CZ 2020 @ Brno, Czech Republic : WebAuthn support for keycloak
DevConf.CZ 2020 @ Brno, Czech Republic : WebAuthn support for keycloak
 
[APIdays NY] Managing the usage of Asynchronous APIs: What does it take?
[APIdays NY] Managing the usage of Asynchronous APIs: What does it take?[APIdays NY] Managing the usage of Asynchronous APIs: What does it take?
[APIdays NY] Managing the usage of Asynchronous APIs: What does it take?
 
A Detailed Guide to Securing React applications with Keycloak - WalkingTree ...
A Detailed Guide to Securing React applications with Keycloak - WalkingTree ...A Detailed Guide to Securing React applications with Keycloak - WalkingTree ...
A Detailed Guide to Securing React applications with Keycloak - WalkingTree ...
 
WMUG NL Tuesday - Latest and greatest in the world of Configuration Manager
WMUG NL Tuesday - Latest and greatest in the world of Configuration ManagerWMUG NL Tuesday - Latest and greatest in the world of Configuration Manager
WMUG NL Tuesday - Latest and greatest in the world of Configuration Manager
 
ProjectReport_Subhayu
ProjectReport_SubhayuProjectReport_Subhayu
ProjectReport_Subhayu
 
How to Create Blockchain Products by Slice.Market CTO
How to Create Blockchain Products by Slice.Market CTOHow to Create Blockchain Products by Slice.Market CTO
How to Create Blockchain Products by Slice.Market CTO
 

Mais de WSO2

Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessWSO2
 
How to Create a Service in Choreo
How to Create a Service in ChoreoHow to Create a Service in Choreo
How to Create a Service in ChoreoWSO2
 
Ballerina Tech Talk - May 2023
Ballerina Tech Talk - May 2023Ballerina Tech Talk - May 2023
Ballerina Tech Talk - May 2023WSO2
 
Platform Strategy to Deliver Digital Experiences on Azure
Platform Strategy to Deliver Digital Experiences on AzurePlatform Strategy to Deliver Digital Experiences on Azure
Platform Strategy to Deliver Digital Experiences on AzureWSO2
 
GartnerITSymSessionSlides.pdf
GartnerITSymSessionSlides.pdfGartnerITSymSessionSlides.pdf
GartnerITSymSessionSlides.pdfWSO2
 
[Webinar] How to Create an API in Minutes
[Webinar] How to Create an API in Minutes[Webinar] How to Create an API in Minutes
[Webinar] How to Create an API in MinutesWSO2
 
Modernizing the Student Journey with Ethos Identity
Modernizing the Student Journey with Ethos IdentityModernizing the Student Journey with Ethos Identity
Modernizing the Student Journey with Ethos IdentityWSO2
 
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...WSO2
 
CIO Summit Berlin 2022.pptx.pdf
CIO Summit Berlin 2022.pptx.pdfCIO Summit Berlin 2022.pptx.pdf
CIO Summit Berlin 2022.pptx.pdfWSO2
 
Delivering New Digital Experiences Fast - Introducing Choreo
Delivering New Digital Experiences Fast - Introducing ChoreoDelivering New Digital Experiences Fast - Introducing Choreo
Delivering New Digital Experiences Fast - Introducing ChoreoWSO2
 
Fueling the Digital Experience Economy with Connected Products
Fueling the Digital Experience Economy with Connected ProductsFueling the Digital Experience Economy with Connected Products
Fueling the Digital Experience Economy with Connected ProductsWSO2
 
A Reference Methodology for Agile Digital Businesses
A Reference Methodology for Agile Digital Businesses A Reference Methodology for Agile Digital Businesses
A Reference Methodology for Agile Digital BusinessesWSO2
 
Lessons from the pandemic - From a single use case to true transformation
Lessons from the pandemic - From a single use case to true transformation Lessons from the pandemic - From a single use case to true transformation
Lessons from the pandemic - From a single use case to true transformationWSO2
 
Adding Liveliness to Banking Experiences
Adding Liveliness to Banking ExperiencesAdding Liveliness to Banking Experiences
Adding Liveliness to Banking ExperiencesWSO2
 
Building a Future-ready Bank
Building a Future-ready BankBuilding a Future-ready Bank
Building a Future-ready BankWSO2
 
WSO2 API Manager Community Call - November 2021
WSO2 API Manager Community Call - November 2021WSO2 API Manager Community Call - November 2021
WSO2 API Manager Community Call - November 2021WSO2
 
[API World ] - Managing Asynchronous APIs
[API World ] - Managing Asynchronous APIs[API World ] - Managing Asynchronous APIs
[API World ] - Managing Asynchronous APIsWSO2
 
[API World 2021 ] - Understanding Cloud Native Deployment
[API World 2021 ] - Understanding Cloud Native Deployment[API World 2021 ] - Understanding Cloud Native Deployment
[API World 2021 ] - Understanding Cloud Native DeploymentWSO2
 
[API Word 2021] - Quantum Duality of “API as a Business and a Technology”
[API Word 2021] - Quantum Duality of “API as a Business and a Technology”[API Word 2021] - Quantum Duality of “API as a Business and a Technology”
[API Word 2021] - Quantum Duality of “API as a Business and a Technology”WSO2
 
API Revisions - WSO2 API Manager Community Call (10/27/2021)
API Revisions - WSO2 API Manager Community Call (10/27/2021)API Revisions - WSO2 API Manager Community Call (10/27/2021)
API Revisions - WSO2 API Manager Community Call (10/27/2021)WSO2
 

Mais de WSO2 (20)

Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with Platformless
 
How to Create a Service in Choreo
How to Create a Service in ChoreoHow to Create a Service in Choreo
How to Create a Service in Choreo
 
Ballerina Tech Talk - May 2023
Ballerina Tech Talk - May 2023Ballerina Tech Talk - May 2023
Ballerina Tech Talk - May 2023
 
Platform Strategy to Deliver Digital Experiences on Azure
Platform Strategy to Deliver Digital Experiences on AzurePlatform Strategy to Deliver Digital Experiences on Azure
Platform Strategy to Deliver Digital Experiences on Azure
 
GartnerITSymSessionSlides.pdf
GartnerITSymSessionSlides.pdfGartnerITSymSessionSlides.pdf
GartnerITSymSessionSlides.pdf
 
[Webinar] How to Create an API in Minutes
[Webinar] How to Create an API in Minutes[Webinar] How to Create an API in Minutes
[Webinar] How to Create an API in Minutes
 
Modernizing the Student Journey with Ethos Identity
Modernizing the Student Journey with Ethos IdentityModernizing the Student Journey with Ethos Identity
Modernizing the Student Journey with Ethos Identity
 
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
Choreo - Build unique digital experiences on WSO2's platform, secured by Etho...
 
CIO Summit Berlin 2022.pptx.pdf
CIO Summit Berlin 2022.pptx.pdfCIO Summit Berlin 2022.pptx.pdf
CIO Summit Berlin 2022.pptx.pdf
 
Delivering New Digital Experiences Fast - Introducing Choreo
Delivering New Digital Experiences Fast - Introducing ChoreoDelivering New Digital Experiences Fast - Introducing Choreo
Delivering New Digital Experiences Fast - Introducing Choreo
 
Fueling the Digital Experience Economy with Connected Products
Fueling the Digital Experience Economy with Connected ProductsFueling the Digital Experience Economy with Connected Products
Fueling the Digital Experience Economy with Connected Products
 
A Reference Methodology for Agile Digital Businesses
A Reference Methodology for Agile Digital Businesses A Reference Methodology for Agile Digital Businesses
A Reference Methodology for Agile Digital Businesses
 
Lessons from the pandemic - From a single use case to true transformation
Lessons from the pandemic - From a single use case to true transformation Lessons from the pandemic - From a single use case to true transformation
Lessons from the pandemic - From a single use case to true transformation
 
Adding Liveliness to Banking Experiences
Adding Liveliness to Banking ExperiencesAdding Liveliness to Banking Experiences
Adding Liveliness to Banking Experiences
 
Building a Future-ready Bank
Building a Future-ready BankBuilding a Future-ready Bank
Building a Future-ready Bank
 
WSO2 API Manager Community Call - November 2021
WSO2 API Manager Community Call - November 2021WSO2 API Manager Community Call - November 2021
WSO2 API Manager Community Call - November 2021
 
[API World ] - Managing Asynchronous APIs
[API World ] - Managing Asynchronous APIs[API World ] - Managing Asynchronous APIs
[API World ] - Managing Asynchronous APIs
 
[API World 2021 ] - Understanding Cloud Native Deployment
[API World 2021 ] - Understanding Cloud Native Deployment[API World 2021 ] - Understanding Cloud Native Deployment
[API World 2021 ] - Understanding Cloud Native Deployment
 
[API Word 2021] - Quantum Duality of “API as a Business and a Technology”
[API Word 2021] - Quantum Duality of “API as a Business and a Technology”[API Word 2021] - Quantum Duality of “API as a Business and a Technology”
[API Word 2021] - Quantum Duality of “API as a Business and a Technology”
 
API Revisions - WSO2 API Manager Community Call (10/27/2021)
API Revisions - WSO2 API Manager Community Call (10/27/2021)API Revisions - WSO2 API Manager Community Call (10/27/2021)
API Revisions - WSO2 API Manager Community Call (10/27/2021)
 

Último

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 

Último (20)

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 

Extending WSO2 API Manager's Key Management Capabilities - WSO2 API Manager Community Call (1/21/2021)

  • 4. ● Recap ● An overview of key manager connectors in WSO2 API Manager ● Implementing a custom key manager connector ● GUI features of the connectors for easier configuration ● Event-based token revocation ● Q&A Agenda 4
  • 6. Quick Recap ● Key manager as a component ● Operations of Key Manager ⦿ Token generation/ revocation ⦿ Authentication and authorization ⦿ Federation and more... ● How Key Manager is evolved ⦿ Before AM 1.9.0 : Tightly coupled Key Manager ⦿ AM 1.9 - 3.1.0 : Key Manager extensions ⦿ From 3.2.0 : Connectors and pure 3rd party key managers Watch API Key Manager (Community Call #10) @ API Life on YouTube 6
  • 7. An Overview of Key Manager Connectors in WSO2 API Manager
  • 8. Why 3rd Party Key Managers and Why We Need a Connector? We have to use a 3rd party Key Manager because ● Organization/ Client already has a key management solution in place ● Organizational policies We need a connector because, key managers ● Can have different set of configurations ● Support different functionalities ● Use different API endpoints, etc. 8
  • 9. API Manager Scenario Key Manager: foo Key Manager: bar 9
  • 10. Key Manager: foo Key Manager: bar API Manager Scenario Foo Connector Bar Connector 10
  • 11. Key Manager Connector Functionality Create/ Get / Update/ Delete OAuth applications Generate access tokens Token introspection Connector Key Manager 11
  • 12. Advantages of a Key Manager Connector ● Easily deployable ● Configure multiple Key Managers at the same time ● Configurable per API ● No file-based configurations 12
  • 13. Available Key Manager Connectors ● WSO2 Identity Server ● Okta ● Key Cloak ● Ping ● Auth0 13
  • 14. Implementing a Custom Key Manager Connector
  • 15. How a Key Manager Connector is Implemented ● Carbon feature project (OSGI bundle) ● Uses Key Manager’s public APIs ● Extends AbstractKeyManager class ⦿ Overrides common key manager functions ⦾ Creating applications ⦾ Generating tokens, etc. ● Implements KeyManagerConnectorConfiguration ⦿ Defines Key Manager specific configuration options ⦾ Required admin credentials ⦾ Application related configuration 15
  • 16. Project Structure ● Component ⦿ The implementation of the connector (source code) ● Feature ⦿ Builds the component zip file with all the required resources More info: How to write a WSO2 Carbon Component 16
  • 17. Auth0OAuthClient.java ● Extends the AbstractKeyManager class ● Overrides required methods Method Description loadConfiguration() Loads the key manager configuration and initializes the key manager client createApplication() Creates oauth application in key manager getNewApplicationAccessToken() Generates access token getTokenMetaData() Validates and gets token information 17
  • 18. Auth0ConnectorConfiguration.java ● Implements the KeyManagerConnectorConfiguration class ● Service component of the connector ● Used to define key manager specific configuration parameters ● Dynamically generates the UI Method Description getConnectionConfigurations() Returns the key manager’s connection related configuration, i.e credentials, token endpoint. getApplicationConfigurations() Creates oauth application in key manager getType() Returns the key manager type getDisplayName() Returns the key manager’s configured display name 18
  • 19. Build and Deploy ● Build the project with maven mvn clean install ● Copy {PROJECT_HOME}/components/<package-name>/target/{CONNECTOR_NAME}-{Versio n}.jar file into {API-M_HOME}/repository/components/dropins directory ● Start WSO2 API Manager server ./wso2server.sh or wso2server.bat 19
  • 20. GUI Features of the Connector for Easier Configuration
  • 21. GUI Features of a Key Manager Connector ● Use the WSO2 API Manager admin portal to add a Key Manager ● UI based, dynamic configuration generation for KM specific configs ⦿ Connection and application configuration ● API and application level Key Manager configuration ⦿ Select which key manager should be used with an API ⦿ Configure key manager specific application parameters 21
  • 22. Dynamic Configuration Generation - Admin Portal Admin Portal > Key Managers > Add New Key Manager > Auth0 Configuration related to Key Manager APIs 22
  • 23. Dynamic Configuration Generation - Developer Portal Developer Portal > Application > Oauth2 Tokens Configuration related to applications created in the Key Manager 23
  • 25. Event-based Token Revocation ● Gateway caches need to be invalidated and revoked token information should be persisted upon revocation ● When Key Manager is externalized, there should be a system to notify the gateways ● Key Manager should send the revoked token information (WSO2 Identity Server - Revocation Event, Okta: Event Hooks) ● Depends on different Key Managers ● Currently implemented for WSO2 Identity Server 25
  • 26. Event-based Token Revocation - Message Flow ● User invokes the revoke endpoint with the token to be revoked ● Key Manager invokes the /internal/data/v1/notify endpoint of Traffic Manager with revoked token information ● Traffic Manager processes the revoke token information, persists the revoked token signature in DB ● Traffic Manager generates the token revocation event and sends to the gateway via JMS ● Gateway invalidates the token caches relevant to the revoked token ● The revoked token jti is added in to the revoked token map in Gateway 26
  • 27. Event-based Token Revocation - Message Flow /revoke /internal/data/v1/notify Token Revocation Event Key Manager HTTP HTTP JMS Token Info (jti, etc) 27 Persist revoked token signature AM_DB ● Invalidate token Cache ● Updates Revoked token map
  • 28. More Info ● API Key Manager (Community Call #10) @API Life https://www.youtube.com/watch?v=a37MHagB8So&list=PLC7QzKjxCjo2GBxV c0Rr0LXyNryZVwAts&index=9 ● Securing APIs with WSO2 API Manager and Okta, WSO2 Webinar https://www.youtube.com/watch?v=z9mXnC-0clo 28
  • 30. 30 Next Session ● Thursday, February 18, 2021 ● Click on the community call page link to get notified of the next call or submit your topic suggestions ⦿ Page - https://wso2.com/community/api-management/#CommunityCall ● You can join our ongoing conversations on WSO2 API Manager using the following channels ⦿ Slack invite - apim-slack.wso2.com ⦿ Twitter - @wso2apimanager ⦿ Email - dev@wso2.org ● You can find out more about our product by visiting ⦿ YouTube - bit.do/wso2apimanager ⦿ Website - WSO2 30