WSO2 API Manager allows you to encrypt sensitive OAuth2.0 keys that are created. This is done by changing the following configurations.
- In the <AM_HOME>/repository/conf/api-manager.xml file, set the <EncryptPersistedTokens> property to true.
- In the <AM_HOME>/repository/conf/identity/identity.xml file, change the <TokenPersistenceProcessor> property to org.wso2.carbon.identity.oauth.tokenprocessor.EncryptionDecryptionPersistenceProcessor.
Tip
If you use a distributed API Manager setup, the above changes must be made on both the API Store and Key Manager nodes.
Restart the server(s) after the above configuration changes are performed.
Note
It is recommended to switch this configuration on or off before any keys have been generated in your system. Once token encryption is switched on, the system encrypts all sensitive OAuth2.0 data, such as access tokens and consumer secrets. When reading that data back, the system assumes it is in encrypted form and attempts to decrypt it. Therefore, switching this configuration on after any keys have been created would break the system, unless the data is converted back into plain text.
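Because the two settings live in different files (and, in a distributed setup, on different nodes), a node where only one of them was changed will write tokens in one format and read them in the other. The following added example, which is not part of the WSO2 documentation or product, reads both settings from a given <AM_HOME> and reports whether they agree, so it can be run on every API Store and Key Manager node before the restart. The minimal XML files it writes and the PlainTextPersistenceProcessor class name (WSO2's plain-text default) are assumptions made for the demonstration.

```python
import tempfile
import xml.etree.ElementTree as ET
from pathlib import Path

# File locations and the processor class name as given on the page.
API_MANAGER_XML = "repository/conf/api-manager.xml"
IDENTITY_XML = "repository/conf/identity/identity.xml"
ENCRYPTING_PROCESSOR = ("org.wso2.carbon.identity.oauth.tokenprocessor."
                        "EncryptionDecryptionPersistenceProcessor")
# WSO2's plain-text default processor, assumed here (not stated on the page).
PLAIN_PROCESSOR = ("org.wso2.carbon.identity.oauth.tokenprocessor."
                   "PlainTextPersistenceProcessor")

def _first_text(xml_path, tag):
    """Stripped text of the first element named `tag` at any depth; None if absent."""
    try:
        elem = ET.parse(xml_path).getroot().find(f".//{tag}")
    except FileNotFoundError:
        return None
    return elem.text.strip() if elem is not None and elem.text else None

def check_token_encryption(am_home):
    """Read both settings on one node. 'consistent' is True when both are on or
    both are off; a mismatch means one side writes what the other cannot read."""
    home = Path(am_home)
    encrypt = _first_text(home / API_MANAGER_XML, "EncryptPersistedTokens")
    processor = _first_text(home / IDENTITY_XML, "TokenPersistenceProcessor")
    encrypt_on = (encrypt or "").lower() == "true"
    processor_on = processor == ENCRYPTING_PROCESSOR
    return {"EncryptPersistedTokens": encrypt,
            "TokenPersistenceProcessor": processor,
            "encryption_enabled": encrypt_on and processor_on,
            "consistent": encrypt_on == processor_on}

def write_sample_node(am_home, encrypt, processor):
    """Write constructed, minimal stand-ins for the two config files under am_home."""
    home = Path(am_home)
    (home / IDENTITY_XML).parent.mkdir(parents=True, exist_ok=True)
    (home / API_MANAGER_XML).write_text(
        f"<APIManager><EncryptPersistedTokens>{encrypt}</EncryptPersistedTokens></APIManager>")
    (home / IDENTITY_XML).write_text(
        f"<Server><OAuth><TokenPersistenceProcessor>{processor}</TokenPersistenceProcessor></OAuth></Server>")

def demo():
    """Check three constructed nodes: both on, both off, and a mismatched pair."""
    results = []
    for enc, proc in [("true", ENCRYPTING_PROCESSOR), ("false", PLAIN_PROCESSOR),
                      ("true", PLAIN_PROCESSOR)]:
        with tempfile.TemporaryDirectory() as tmp:
            write_sample_node(tmp, enc, proc)
            results.append(check_token_encryption(tmp))
    return results
```

On a real node, call check_token_encryption with the actual <AM_HOME> path; demo() only exercises the constructed sample files. The check says nothing about tokens already stored in the database, so it does not replace the ordering rule in the Note above.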