I need to expose an api via WSO2 Api-Manager and I want protect my api not with oAuth2 but via SAML autentication, actually I need to use the APi-Manager as SAML SP. Therefore I need protect the may api and if a user isn't authenticated on SAML IDP presents the SAML IDP login page. Is it possible do that with WSO2 Api-Manger or the SAML OSS is releated only for Web SSO for /carbon, /pubblish and /store web app?
thank you for the help!