Consume API hosted on WSO2 Api Manager 3.1.0 using Postman

0
votes

I am a new user on WSO2 API Manager. I just installed it 2 days back and hosted one simple API on that. It works fine with internal tool. But how to consume it from outside ? eg from Postman or Java code ? Can we make API accessible without any authentication and if i want only jet authentication, how can I do that. please guide. Thanks in advance.

As per suggestion called the API using Curl command and got the token then while calling the Errors even when providing access token ( which I got after client id and client secret)

Following error when passing Authorization: Bearer 2ee039b0-5cd4-3f31-844c-dd9441593f88​

 <ams:fault xmlns:ams="http://wso2.org/apimanager/security">
    <ams:code>900908</ams:code>
    <ams:message>Resource forbidden </ams:message>
    <ams:description>Access failure for API: /getcustrates/1.0, version: 1.0 status: (900908) - Resource forbidden </ams:description>
</ams:fault>

Following error when passing Authorization:Basic 2ee039b0-5cd4-3f31-844c-dd9441593f88​

<ams:fault xmlns:ams="http://wso2.org/apimanager/security">
    <ams:code>900902</ams:code>
    <ams:message>Missing Credentials</ams:message>
    <ams:description>Invalid Credentials. Make sure your API invocation call has a header: 'Authorization : Bearer ACCESS_TOKEN' or 'Authorization : Basic ACCESS_TOKEN' or 'apikey: API_KEY'</ams:description>
</ams:fault>
1
apiwso2jwt

1 Answers

1
votes

If you're new to the product, follow the quick start guide[1]. In the end when you invoke the API using the integrated Try-it tool. When you invoke an API using that, it also gives you the equivalent curl command. You can use that to invoke the API externally.

I assume by Jet you meant to say JWT. You can generate JWTs using the client key/secret pair you get from applications you create at the developer portal. You can use this command to generate further tokens.

curl -k -H "Authorization: Basic EncodeToBase64(<consumer-key>:<consumer-secret>)" -d "grant_type=password&username=<username>&password=<password>" -H "Content-Type: application/x-www-form-urlencoded" https://localhost:8243/token

or 

curl -k -u <consumer-key>:<consumer-secret> -d "grant_type=password&username=<username>&password=<password>" -H "Content-Type: application/x-www-form-urlencoded" https://localhost:8243/token

[1] https://apim.docs.wso2.com/en/latest/getting-started/quick-start-guide/