/
Whitelisting Host Names for API Store
This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.
Whitelisting Host Names for API Store
- Former user (Deleted)
Owned by Former user (Deleted)
Jan 11, 2018
API Manager provides the capability to whitelist multiple host names if you use different host names to access API Store in your environment.
In this case, localhost is by default considered as a whitelisted host name.
Similarly you can whitelist multiple host names for store as follows.
- You need to add the host names to the whiteListedHostNames attribute in
<APIM_HOME>/repository/deployment/server/jaggeryapps/store/site/conf/site.jsonas comma separated values.
See the following example configuration.
"whiteListedHostNames": ["www.wso2.org", "www.example.com"]
Note :
When you try to access API Store with a host which is not whitelisted, or is not specified in <APIM_HOME>/repository/conf.carbon.xml, you will notice the following warning being logged in the server logs.
Possible HOST Header Attack is identified. Hence, rewriting to default host in configuration.
, multiple selections available,
Related content
Deploying Consumer Data Standards Administration API v1.28.0
Deploying Consumer Data Standards Administration API v1.28.0
More like this
OpenID Connect Hybrid Flow
OpenID Connect Hybrid Flow
More like this
OpenID Connect Hybrid Flow
OpenID Connect Hybrid Flow
More like this
OpenID Connect Hybrid Flow
OpenID Connect Hybrid Flow
More like this
OpenID Connect Hybrid Flow
OpenID Connect Hybrid Flow
More like this
Deployment Patterns
Deployment Patterns
More like this