We suggest having a separate backend component written, to handle the authorization token generation, when developing the custom API Store application in the integration cloud.This backend component can be written in MSF4J or any other language of your choice.
The main responsibilities of the middle tier application are listed below. All the calls which reach the front end goes to WSO2 through this intermediate middle tier.
- Calling the WSO2 OAuth2 endpoint(key generation service) to retrieve the access token.
- Requesting for refresh tokens once the current tokens expire.
- Handling the secure invocation to the WSO2 Cloud REST APIs.
The diagram below illustrates the structure of this middle tier application and how to use an external store application to consume the WSO2 REST APIs. The middle tier application also known as the backend application will be responsible for handling the operations shown inside the red box.
The following are the three middle tier application functionalities handled by the middle tier(backend) application. Make sure that all these functions are implemented when you write your backend application.
- Invoking Admin REST APIs
(a) Password Grant
(b) Refresh Token Grant - Logging in and storing subscriber access tokens
- Invoking Store REST APIs
To secure the connection between the front end application and the middle tier application, enable CORS for the backend application. When enabling CORS you need to make sure to only allow the host of your front end application so that users accessing from other hosts are unable to attack your system.