Adding an Application Registration Workflow

This section explains how to attach a custom workflow to the application registration operation in the API Manager. First, see Workflow Extensions for information on different types of workflow executors.

Introduction to Application registration (Key generation) workflow

Application creation and Application registration are different workflows. After an application is created, you can subscribe to available APIs, but you get the consumer key/secret and access tokens only after registering the application. There are two types of registrations that can be done to an application: production and sandbox. You change the default application registration workflow in situations such as the following:

To issue only sandbox keys when creating production keys is deferred until testing is complete.
To restrict untrusted applications from creating production keys. You allow only the creation of sandbox keys.
To make API subscribers go through an approval process before creating any type of access token.

Configuring the API Manager

Open the <API-M_HOME>/repository/deployment/server/jaggeryapps/admin/site/conf/site.json file and configure the "workFlowServerURL" under "workflows" to point to the EI/BPS server (e.g. "workFlowServerURL": "https://localhost:9445/services/")

{
  .....
  "context": "/admin",
  "request_url": "READ_FROM_REQUEST",
  "tasksPerPage": 10,
  "allowedPermission": "/permission/admin/manage/apim_admin",
  "workflows": {
    "workFlowServerURL": "https://localhost:9445/services/",
  }
  .....
}

Engaging the WS Workflow Executor in the API Manager

First, enable the application registration workflow.

Start WSO2 API Manager and login to the APIM management console (https://<Server Host>:9443/carbon) and select Browse under Resources.
Go to the /_system/governance/apimgt/applicationdata/workflow-extensions.xml resource, disable the Simple Workflow Executor and enable WS Workflow Executor as described in the tip provided at the start of this documentation if you haven't done already.
```
<WorkFlowExtensions>
...
    <ProductionApplicationRegistration executor="org.wso2.carbon.apimgt.impl.workflow.ApplicationRegistrationWSWorkflowExecutor">
        <Property name="serviceEndpoint">http://localhost:9765/services/ApplicationRegistrationWorkFlowProcess/</Property>
        <Property name="username">admin</Property>
        <Property name="password">admin</Property>
        <Property name="callbackURL">https://localhost:8248/services/WorkflowCallbackService</Property>
    </ProductionApplicationRegistration>
...   
    <SandboxApplicationRegistration executor="org.wso2.carbon.apimgt.impl.workflow.ApplicationRegistrationWSWorkflowExecutor">
        <Property name="serviceEndpoint">http://localhost:9765/services/ApplicationRegistrationWorkFlowProcess/</Property>
        <Property name="username">admin</Property>
        <Property name="password">admin</Property>
        <Property name="callbackURL">https://localhost:8248/services/WorkflowCallbackService</Property>
    </SandboxApplicationRegistration>
...
</WorkFlowExtensions>
```
Note that all workflow process services of the EI/BPS run on port 9765 because you changed its default port (9763) with an offset of 2.
Log into the API Store (https://localhost:9443/store) as a Store user and open the application with which you subscribed to the API.

If you do not have an already created API and an Application subscribed to it, follow Create and Publish an API and upto step 8 of Subscribe to an API to create an API and subscribe to it.
In the Production Keys tab of the Application, click the Generate Keys button.
It invokes the ApplicationRegistrationWorkFlowProcess.bpel that is bundled with the ApplicationRegistrationWorkflowProcess_1.0.0.zip file and creates a HumanTask instance that holds the execution of the BPEL process until some action is performed on it.
Note that a message appears saying that the request is successfully submitted if the BPEL was invoked correctly.
Log in to the Admin Portal (https://<Server Host>:9443/admin ) with admin credentials and list all the tasks for application registrations. Click Start to start the Human Task and then change its state. Once you select Approve and click Complete the task, it resumes the BPEL process and completes the registration.

Go back to the API Store and view your application.

It shows the application access token, consumer key and consumer secret.

After the registration request is approved, keys are generated by invoking the APIKeyMgtSubscriber service hosted in Key Manger nodes. Even when the request is approved, key generation can fail if this service becomes unavailable. To address such failures, you can configure to trigger key generation at a time Key Manager nodes become available again. Given below is the message used to invoke the BPEL process:

<applicationregistrationworkflowprocessrequest xmlns:wor="http://workflow.application.apimgt.carbon.wso2.org"
 xmlns="http://workflow.application.apimgt.carbon.wso2.org">
   <applicationname>NewApp5</applicationname>
   <applicationtier>Unlimited</applicationtier>
   <applicationcallbackurl></applicationcallbackurl>
   <applicationdescription></applicationdescription>
   <tenantdomain>carbon.super</tenantdomain>
   <username>admin</username>
   <workflowexternalref>4a20749b-a10d-4fa5-819b-4fae5f57ffaf</workflowexternalref>
   <callbackurl>https://localhost:8243/services/WorkflowCallbackService</callbackurl>
   <keytype>PRODUCTION</keytype>
</applicationregistrationworkflowprocessrequest>