How to pass Authorization Header WSO2 (API Manager) to my backend service?

4
votes

I need to pass Authorization Header from API Manager (WSO2) to my Service Bus Aplication (Oracle).

I saw in another post that I cant do that, because API will validate the token against the key manager and drop that token before calling the back end. (How to pass authorization header in WSO2 OAuth2 and its backend API server Oauth2?)

There's any alternative to pass the token from API Manager to my service bus application?

There's some additional settings for that?

2
wso2wso2-amapi-manager

2 Answers

9
votes

In conf/api-manager.xml, change value of "RemoveOAuthHeadersFromOutMessage" to false. Authorization header will not be removed and you can access it in your sequence, then you can set it to the request header to you backend. Not sure whether this is what you want or not.

0
votes

One option would be to send same oauth token in another custom header and then by adding a custom mediation sequence in the api manager, set that custom header to Authorization header and then send it to backend server.

https://docs.wso2.com/display/AM1100/Pass+a+Custom+Authorization+Token+to+the+Backend.