This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.
OAuth Mediator
The OAuth Mediator supports 2 forms of OAuth. It bypasses the RESTFull requests and authenticates users against WSO2 Identity Server.
When a client tries to invoke a RESTful service, it may be required to verify the credentials of the client. This can be achieved by registering an OAuth application in the WSO2 Identity Server. When the client sends a REST call with the Authorization header to the ESB, the OAuth mediator validates it with the Identity server and proceeds.
See 2-legged OAuth for Securing a RESTful Service for detailed instructions to carry out this process.
Syntax
<oauthService remoteServiceUrl="" />
UI Configuration
OAuth Server - Server URL of the WSO2 Identity Server.
Example
<oauthService xmlns="http://ws.apache.org/ns/synapse" remoteServiceUrl="https://localhost:9443/services" />