Versions Compared

Old Version 10

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Reviewed changes

...

Note

This configuration is only valid for APIs created through the API manager Publisher application. All the other Oauth token related APIs (/authorize, /revoke, /token, /userinfo) are not affected from this. To enable CORS configuration to these APIs as well, see "Enabling CORS for Oauth Token related APIs".

Next, let's see how to add the header as a parameter to the API Console.

...

Enabling CORS configuration through api-manager.xml is only valid for APIs created through the API manager Publisher application. Hence enabling CORS for Oauth token related APIs (/authorize, /revoke, /token, /userinfo) can be carried out as follows. 

Based on the API that you need to enable CORS, add the following handler configuration to the relevant API synapse file present in <APIM_HOME>/repository/deployment/server/synapse-configs/default/api/ folder. It should be added within the <handlers> parent element.


Code Block
<handler class="org.wso2.carbon.apimgt.gateway.handlers.security.CORSRequestHandler">
    <property name="apiImplementationType" value="ENDPOINT"/>
</handler>

The following are the mappings of the synapse files corresponding to the Oauth token related APIs.

Endpoint
Synapse configuration
/authorize_AuthorizeAPI_.xml
/revoke_RevokeAPI_.xml
/token_TokenAPI_.xml
/userinfo_UserInfoAPI_.xml