'WSO2 Api Manager(wso2am-4.0.0) - Is the default token endpoint changed in wso2am-4.0.0?

In the latest WSO2 Api Manager, the default token endpoint seems to have changed to https://localhost:9443/oauth2/token

In the previous versions, the token endpoint was https://localhost:8243/token and invoking this endpoint generates a 404 resource not found error.

Is it possible to enable the previous token endpoint in the latest WSO2 Api Manager or is the oauth2 token endpoint the default to be used?



Solution 1:[1]

For all the APIM versions, OAuth2 token endpoint is https://localhost:9443/oauth2/token.

Before APIM 4.0.0 version, we have added a new proxy API to the gateway which will route the requests received to https://localhost:8243/token to the original token endpoint https://localhost:9443/oauth2/token. If you check the <APIM_HOME>/repository/deployment/server/synapse-configs/default/api directory in a APIM version before 4.0.0, you can find several endpoints that are proxied through gateway (_TokenAPI_.xml,_RevokeAPI_.xml etc).

From 4.0.0, we have removed this extra hop(_TokenAPI_.xml) for token call and asked users to directly use the actual token endpoint (https://localhost:9443/oauth2/token).

If you need previous experience in APIM 4.0.0 version, just by adding the _TokenAPI_.xml to the <APIM_HOME>/repository/deployment/server/synapse-configs/default/api directory, you can use https://localhost:8243/token endpoint.

For you reference, I have copied the same XML here.

<api xmlns="http://ws.apache.org/ns/synapse" name="_WSO2AMTokenAPI_" context="/token">
   <resource methods="POST" url-mapping="/*" faultSequence="_token_fault_">
      <inSequence>
         <property name="uri.var.portnum" expression="get-property('keyManager.port')" />
         <property name="uri.var.hostname" expression="get-property('keyManager.hostname')" />
         <send>
            <endpoint>
               <http uri-template="https://{uri.var.hostname}:{uri.var.portnum}/oauth2/token">
                  <timeout>
                     <duration>60000</duration>
                     <responseAction>fault</responseAction>
                  </timeout>
               </http>
            </endpoint>
         </send>
      </inSequence>
      <outSequence>
         <send />
      </outSequence>
   </resource>
   <handlers>
      <handler class="org.wso2.carbon.apimgt.gateway.handlers.ext.APIManagerCacheExtensionHandler" />
      <handler class="org.wso2.carbon.apimgt.gateway.handlers.common.SynapsePropertiesHandler" />
   </handlers>
</api>

Save this to an XML file named _TokenAPI_.xml and add it to the above directory. After this, you can use https://localhost:8243/token to obtain a token.

Solution 2:[2]

In versions before API-M 4.0.0, the token endpoint was still https://localhost:9443/oauth2/token. But a proxy (https://localhost:8243/token) was used to invoke this endpoint. You will be able to see this by viewing the _TokenAPI_.xml file in <API-M_HOME>/repository/deployment/server/synapse-configs/default/api directory.

From API-M 4.0.0 onwards, this proxy has been removed and the token endpoint (https://localhost:9443/oauth2/token) is invoked directly.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 1akshitha
Solution 2 Hisan Hunais