Comment: https://wso2.org/jira/browse/DOCUMENTATION-3167

WSO2 API Manager (WSO2 APIM) allows you to encrypt any sensitive OAuth2.0 keys that are created. APIM encrypts access tokens, client secrets and authorization codes (this can be extended to any other OAuth2.0 keys if needed) using the primary keystore. The result is encoded in Base64 and stored in the database. The RSA algorithm is used by default, and the key strength (1024, 2048, etc.) is based on the private key strength of the primary keystore. If SymmetricEncryption is enabled, the API Manager uses the AES algorithm by default, or the algorithm specified for SymmetricEncryption.Algorithm in the carbon.xml file.
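The encrypt-then-Base64 flow described above, as an added sketch that is not WSO2 code and was not part of the original page. The class name, the OAEP padding, the in-memory key pairs standing in for the primary keystore, and the sample token are all assumptions made for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.util.Base64;
import javax.crypto.Cipher;

public class TokenEncryptionSketch {
    // Assumption: the page does not state the padding APIM uses; OAEP is chosen here.
    static final String TRANSFORMATION = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";

    // Encrypt with the public key, then Base64-encode: the form that would be stored.
    static String protect(String secret, KeyPair kp) throws Exception {
        Cipher c = Cipher.getInstance(TRANSFORMATION);
        c.init(Cipher.ENCRYPT_MODE, kp.getPublic());
        byte[] cipherText = c.doFinal(secret.getBytes(StandardCharsets.UTF_8));
        return Base64.getEncoder().encodeToString(cipherText);
    }

    // Base64-decode the stored value, then decrypt with the private key.
    static String reveal(String stored, KeyPair kp) throws Exception {
        Cipher c = Cipher.getInstance(TRANSFORMATION);
        c.init(Cipher.DECRYPT_MODE, kp.getPrivate());
        byte[] plain = c.doFinal(Base64.getDecoder().decode(stored));
        return new String(plain, StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample value, not a real access token.
        String token = "3f1c9a52-0b7e-4d6a-9c1e-5a2b7d8e4f10";
        for (int bits : new int[] {1024, 2048}) {
            KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
            gen.initialize(bits);
            // Stand-in for the key pair held in the primary keystore.
            KeyPair kp = gen.generateKeyPair();
            String stored = protect(token, kp);
            // The ciphertext is one RSA block of bits/8 bytes, so the stored
            // Base64 string grows with the key strength of the keystore.
            System.out.printf("%d-bit key: %d Base64 chars stored, round trip ok: %b%n",
                    bits, stored.length(), reveal(stored, kp).equals(token));
        }
    }
}
```

Because the stored length follows the key strength, moving the primary keystore to a stronger key changes the size of every encrypted value, and values encrypted under the old key can only be read with that key.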

...

Tip
  • If you use a distributed API Manager setup, you must make the changes on both the API Store and Key Manager nodes.
  • If you use WSO2 Identity Server (WSO2 IS) as the Key Manager, you need to make the changes in both WSO2 IS and WSO2 APIM.