/
Include Additional Headers in the API Console
com.atlassian.confluence.content.render.xhtml.migration.exceptions.UnknownMacroMigrationException: The macro 'next_previous_links' is unknown.

Include Additional Headers in the API Console

Jul 06, 2018

The Swagger API Console is a JavaScript client that runs in the API Store and makes JavaScript calls from the Store to the API Gateway. You must specify any additional headers that you want to add to the API Console under the CORS ( Cross Origin Resource Sharing ) configuration.

Before you begin...

Open the CORS configuration in the <API-M_HOME>/repository/conf/api-manager.xml file, enable CORS if it is not enabled already and specify the additional headers (SOAPAction, in this case) under the <Access-Control-Allow-Headers> element:

CORS configurations in api-manager.xml
 <CORSConfiguration> <Enabled>true</Enabled> <Access-Control-Allow-Origin>*</Access-Control-Allow-Origin> <Access-Control-Allow-Methods>GET,PUT,POST,DELETE,PATCH,OPTIONS</Access-Control-Allow-Methods> <Access-Control-Allow-Headers>authorization,Access-Control-Allow-Origin,Content-Type,SOAPAction</Access-Control-Allow-Headers> </CORSConfiguration>

Next, let's see how to add the header as a parameter to the API Console.

  1. Log in to the API Publisher and click the API that you want to invoke (e.g., PhoneVerification).

  2. Click the Edit link next to the API's name, navigate down to the API Definition section and click on the POST method to expand it. 

  3. Update the Produces and Consumes fields to text/xml and create the following header using the Add Parameter button.

  4. Once you are done, click Save.

  5. Log in to the API Store, subscribe to the API and generate an access token for the application you subscribed with.
    If it's an API that you are already subscribed to, you might have to re-generate the access token from the Applications page.

  6. Click on the API again to open it and then click its API Console tab.

  7. Expand the POST method and click Try it out

  8. Fill the parameter values and click Execute to invoke the API. For example,

  9. A result similar to the following appears on the console. 

You have added SOAP parameters to the API Console and invoked a SOAP service using the API Console.

Enabling CORS for OAuth Token related APIs

Enabling CORS configuration through api-manager.xml is only valid for APIs created through the API manager Publisher application. Hence, enabling CORS for OAuth token related APIs (/authorize, /revoke, /token, /userinfo) can be carried out as follows. 

Based on the API that you need to enable CORS, add the following handler configuration to the relevant API synapse file present in <API-M_HOME>/repository/deployment/server/synapse-configs/default/api/ folder. It should be added within the <handlers> parent element.

 

<handler class="org.wso2.carbon.apimgt.gateway.handlers.security.CORSRequestHandler"> <property name="apiImplementationType" value="ENDPOINT"/> </handler>

The following are the mappings of the synapse files corresponding to the OAuth token related APIs.

Endpoint

Synapse configuration

Endpoint

Synapse configuration

/authorize

_AuthorizeAPI_.xml

/revoke

_RevokeAPI_.xml

/token

_TokenAPI_.xml

/userinfo

_UserInfoAPI_.xml

com.atlassian.confluence.content.render.xhtml.migration.exceptions.UnknownMacroMigrationException: The macro 'next_previous_links2' is unknown.