...
The diagram below depicts this scenario.
Prerequisites
Make sure that following prerequisites are met before following the instructions on publishing the web application for obtaining an OAuth2 access token.
Configuring the identity provider of App Manager
App Manager uses WSO2 Identity Server as the default service provider for SAML SSO authentication. You need to create a service provider in IDP for each web application that is published through the App Manager (i.e to get the SAML SSO authentication for web applications).
...
Configure WSO2 Identity Server as follows.
Configuring the API provider of App Manager
WSO2 App Manager uses WSO2 API-Manager as the API Provider. In order to provide a OAuth token using the SAML token provided by the IDP of App Manager (WSO2 IS), APIManager needs to include, IS as a trusted IDP provider. Configure WSO2 APIManager as follows.
Anchor | ||||
---|---|---|---|---|
|
If a particular web application needs accessing OAuth secured APIs internally, it needs to provide the following OAuth parameters of the APIs when publishing the web application in AppManager, as depicted below.
...
xxxxxx insert image here xxxxxx
Invoking App Manager Token API from web app
App Manager itself provides a token API. Web applications need to call this token API with the consumer/secret key pair [WCk1, WCSk1] provided by the App Manager, when they need to get an access token for a particular API.
...