Versions Compared

Old Version 28

changes.mady.by.user Former user

Saved on

compared with

New Version 29

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: https://wso2.org/jira/browse/DOCUMENTATION-6529

Let's take a look at some concepts and terminology that you need to know in order to follow the use cases.

...

Cross-origin resource sharing  ( CORS ) is a mechanism that allows restricted resources (e.g., fonts, JavaScript) of a Web page to be requested from another domain outside the domain from which the resource originated.

The Swagger API Console that is integrated in the API Manager runs as a JavaScript client in the API Store and makes calls from the Store to the API Gateway. Therefore, if you have the API Store and Gateway running on different ports, enable CORS between them. 

...

Code Block
languagexml
<handlers>
   <handler class="org.wso2.carbon.apimgt.gateway.handlers.security.CORSRequestHandler"/>
</handlers>

...

OAuth scopes

Scopes enable fine-grained access control to API resources based on user roles. You define scopes to an API's resources. When a user invokes the API, his/her OAuth 2 bearer token cannot grant access to any API resource beyond its associated scopes.

...

The API Manager has a default mediation flow that is executed in each API invocation. There are 3 default sequences engaged as in, out and fault.

Sequence

Description

in

In-sequence is the first place that will be mediated through, once a request is dispatched to a resource of an API. At the end of the in-sequence the request can be forwarded to a back-end application for further processing.

out

Any responses coming from the back-end system are mediated through the out-sequence of the resource of the API.

fault

Fault sequence is there to handle any errors that may occur while mediating a message through a resource.

When the sequence or the proxy service encounters an error during mediation or while forwarding a message, the message that triggered the error is delegated to the specified fault sequence. Using the available mediators it is possible to log the erroneous message, forward it to a special error-tracking service, and send a SOAP fault back to the client indicating the error. We need to configure the fault sequence with the correct error handling instead of simply dropping messages. For more information, see Error Handling.


...

Caching

For information on configuring caching response messages and caching API calls at the Gateway and Key Manager server, see Configuring Caching.