...
To enable MTLS validation in the access token requests, add the following entries to the start of the <handlers> property in the <WSO2_OBAMOB_APIM_HOME>/repository/deployment/server/synapse-configs/default/api/_TokenAPI_.xml file.
...
The following configuration should be added to the <handlers> section of the velocity template located in the <WSO2_OB_OBAMAPIM_HOME>/repository/resources/api_templates/velocity_template.xml file.
Add
MTLSValidationHandlerat the start of the<handlers>section.Info MTLSValidationHandler mandates MTLS.
Code Block <handler class="com.wso2.finance.open.banking.mtls.validator.handler.MTLSValidationHandler"/>
Add
MTLSClientTokenValidationHandlerunder handler<handler class="org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler>.Info MTLSClientTokenValidationHandler ensures MTLS security.
Code Block <handler class="com.wso2.finance.open.banking.mtls.validator.handler.MTLSClientTokenValidationHandler"/>
If the APIs are already published, the above should be added to the
<handlers>property in the synapse configurations of the published APIs, which are located in the<WSO2_OB_OBAMAPIM_HOME>/repository/deployment/server/synapse-configs/default/apifile.