WSO2 App Manager provides SAML SSO as its default authentication mechanism. The For information on the implementation of handlers, go to the source code of the implementation is here. Similarly, you can extend App Manager to support any custom authentication mechanism by writing your own authentication handler class. This custom handler must extend org.apache.synapse.rest.AbstractHandler class and implement the handleRequest() and handleResponse() methods.
...