wso2 API-M 3.0 - how to get oauth token for product/admin api calls

0
votes

I am testing out the pre-release version 3.0 of wso2 API-M with the generic admin/admin credentials and want to invoke the various publisher apis at http://wso2.github.io/carbon-apimgt/apis/publisher/v1.0/ - e.g. creating a new api.

All of these apis take oauth access tokens, however in their documentation I only see the oauth2 scope for them noted, but I don't see how to generate the access token to pass in the api request.
It is clear how to generate oauth tokens for apis and apps already created in wso2 store/publisher, but I have not been able to find how to generate the oauth token for the higher-level product apis at https://docs.wso2.com/display/AM300/Product+APIs.

I know earlier versions of wso2 had the "carbon" endpoint with the admin and identity server UI which maybe helped with this, but this new version doesn't have that endpoint and the "admin" endpoint I stumbled across doesn't yield anything related to oauth tokens. Any ideas how to get the oauth credentials to invoke these apis? Thanks.

1
oauthwso2wso2-am

1 Answers

1
votes

You need to do the following.

  1. Using DCR endpoint, create an oauth app and generate client key and secret.

    curl -X POST -H "Content-Type: application/json" -H "Authorization: Basic YWRtaW46YWRtaW4=" --data @payload.json https://localhost:9443/api/identity/oauth2/dcr/v1.0/register -kv

payload.json content

{
  "redirect_uris": [
    "http://localhost"
  ],
  "client_name": "name_1",
  "grant_types": [
    "password"
  ]
}

Authorization token is Base64 encoded(username:password)

  1. Get an access token using password grant type

    curl -X POST -H "Authorization: Basic MTNiYmM1ODAtYjkwYy00ZDg0LWE5NjItYjg4NTg2Yzk1MmEyOjYxZGE1M2YwLTkxN2MtNDhmNi1hYWEzLWVmMDU3NjEzMDdiMw==" -H "Content-Type: application/x-www-form-urlencoded" -d 'username=admin&password=admin' "https://localhost:9443/api/auth/oauth2/v1.0/token?grant_type=password&scope=scope" -kv

Authorization token is Base64 encoded(clientId:clientSecret)

  1. Invoke an API with the received token

    curl -X GET -H "Authorization: Bearer 9uAXi-J5GywvdTupCjbg005-NdqDSfD397vI_UKcbaw" "https://localhost:9443/api/am/publisher/v1.0/apis/" -kv

Refer the following for more details

  1. https://docs.wso2.com/display/AM300/DCR+and+DCRM+APIs
  2. https://docs.wso2.com/display/AM300/Token+API