Re: [Architecture] Migration approach for APIM 2.6.0 to 3.0.0

Hi Samitha, 1. Is it possible to migrate subscriptions with the applications? Further, I guess existing tokens will be invalid once migration happened right? 2. would you still plan to provide a UI for the import-export tool? it would be really nice if we can. Regards Roshan On Tue, Oct 30,

Re: [Architecture] [APIM][300][Store] Feature to change password of an user

Do we have any send an email to user feature in apim 3 road map ? On Mon, Aug 20, 2018 at 7:56 PM Sanjeewa Malalgoda wrote: > Forgot password feature should comes with some sort of user > verification(enter security question or send email verification, sms > verification etc). > That feature

Re: [Architecture] Design First APIs on APIM v3.0

What I would like to see is both options. 1. Complete process will be handled by auto generated codes. User will not be able to edit. Suits for non technical users. 2. Compelete process will be handle by user. He writes everything using bals. No auto generated codes from Apim UIs. Suits for

Re: [Architecture] OpenAPI 3.0 support for API Manager 2.2.0

Folks, Do we have a significant difference between swagger and openAPI? According to the https://swagger.io/blog/difference-between-swagger-and-openapi/, swagger is a tool and openAPI is the spec it self. Do we need to concern about swagger definition vs openAPI definition, rather versions of

Re: [Architecture] [APIM][C5] - Resource Registration Rest API For API Manager

Nuwan, When we export the swagger file, we should be able to get all the scopes that are bonded to the Ballerina resource right? On Mon, Dec 11, 2017 at 2:44 PM, Nuwan Dias wrote: > > > On Mon, Dec 11, 2017 at 4:31 AM, Harsha Kumara wrote: > >> >> >> On Fri,

Re: [Architecture] [APIM][C5] - Resource Registration Rest API For API Manager

Tharindu, IMO, we should extend key-manager interface for this implementation, because there could be instances where, some key managers does not support resource registrations OOB. +1 for keep scopes in swagger. Regards Roshan. On Tue, Dec 5, 2017 at 7:15 AM, Tharindu Dharmarathna

Re: [Architecture] Proper way to clean up entries in token & session tables

+1 for stored procedure option, it is a DBA's task to run scripts, hence less overhead for the product. On Thu, Nov 16, 2017 at 12:18 AM, Asela Pathberiya wrote: > Hi IAM/APIM team, > > We have already seen that large number of table entries in OAuth2 access > token table ,

Re: [Architecture] REST API date and time handling

@Anuruddha, does it change the JVM default time zone to UTC? Will it affect to other vendors which are installed on that JVM? On Wed, Aug 23, 2017 at 8:23 PM, Charini Nanayakkara wrote: > Hi, > > The requirement to consider time zones was encountered in the recent >

Re: [Architecture] [APIM][C5] SSO Feature for Publisher/Store Login

t supporitng it? > 2. How do you handle logout ? Can't we send a revoke token request when logout and do a page refresh after succesfull revoke. -- Roshan Wijesena. Senior Software Engineer-WSO2 Inc. Mobile: *+94719154640* Email: ros...@wso2.com *WSO2, Inc. :** wso2.com &

Re: [Architecture] Access token for API testing in Publisher and Store

id access token to use > the product APIs, we can use that as the trust and get him a token for > testing his APIs using the JWT grant. JWT grant will not be supported by all key managers, in that case how we can generate JWT token? What's wrong with password grant type we can use that no?

Re: [Architecture] [APIM 3.0.0][C5] Permission model : Visibility and subscription availability

nderstood, your requirement is to hide an API from other developers in publisher but in the store that should be visible to everyone is it? In that case, if other publishers log into the store they still can see other APIs no? -- Roshan Wijesena. Senior Software Engineer-WSO2 Inc. Mobile: *+94719154

Re: [Architecture] [APIM 3.0.0][C5] Permission model : Visibility and subscription availability

ew/edit/delete his API. If he does not wants to share this API with any other he can remove all roles that assigned to that API. Still, he can manipulate his API. -- Roshan Wijesena. Senior Software Engineer-WSO2 Inc. Mobile: *+94719154640* Email: ros...@wso2.com *WSO2, Inc. :** wso2.com &l

Re: [Architecture] [C5][APIM] Introducing labels based gateway environments in API Manager

we give it a unique number? -- Roshan Wijesena. Senior Software Engineer-WSO2 Inc. Mobile: *+94719154640* Email: ros...@wso2.com *WSO2, Inc. :** wso2.com <http://wso2.com/>* lean.enterprise.middleware. ___ Architecture mailing list Architecture@wso2.

Re: [Architecture] [C5][APIM] Introducing labels based gateway environments in API Manager

. By default, it will display all the >>>>>> available environments. There is an extension point which users can use >>>>>> to >>>>>> restrict showing particular gateway endpoints based on the user who logs >>>>>> into the API stor

Re: [Architecture] [Dev] [VOTE] Release WSO2 API Manager 2.1.0 RC4

lt;thili...@wso2.com>nurudd...@wso2.com >>>> >>>> ___ >>>> Architecture mailing list >>>> Architecture@wso2.org >>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>

Re: [Architecture] [C5][APIM] Full Text Search

gt;>>>>> >>>>>> *Cons* >>>>>> >>>>>>- Since indexing data is written to file system , when going for >>>>>>container based approach we would require mechanisms to file system >>>>>> mounting

Re: [Architecture] [APIM][C5] Workflow Implementation

workflow engine in there. Yes, the pluggable point would be nice, What we need to do is, do our implementation in front of a java interface, so then we can ship default impl and whoever wants to plug their WF engines they should be able to plug. Just like our key manager interface. -- Roshan Wijesena.

Re: [Architecture] [APIM][C5] API Manager entities(APIs/Applications/Docs etc..) permission model and group sharing.

hieved by "update" group permission. Regards Roshan. -- Roshan Wijesena. Senior Software Engineer-WSO2 Inc. Mobile: *+94719154640* Email: ros...@wso2.com *WSO2, Inc. :** wso2.com <http://wso2.com/>* lean.enterprise.middleware. ___ Arch

Re: [Architecture] [APIM][C5] API Manager entities(APIs/Applications/Docs etc..) permission model and group sharing.

delete the API In the same way, we can handle update operation also. -- Roshan Wijesena. Senior Software Engineer-WSO2 Inc. Mobile: *+94719154640* Email: ros...@wso2.com *WSO2, Inc. :** wso2.com <http://wso2.com/>* lean.enterprise.middleware. ___ Arch

Re: [Architecture] [Dev] [VOTE] Release WSO2 API Manager 2.0.0 RC5

ithub.com/abimarank> >> <https://twitter.com/abimaran> >> >> >> ___ >> Architecture mailing list >> Architecture@wso2.org >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> >> > > > -- > Regards, > Uvindra >

Re: [Architecture] [Dev] [VOTE] Release WSO2 API Manager 2.0.0 RC4

___ >>> Architecture mailing list >>> Architecture@wso2.org >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >>> >> >> >> -- >> Best Regards, >> >> *Thilini Cooray* >> Software Engineer

Re: [Architecture] Behavior of OAuth 2.0 Dynamic Client Registration

b.com/mitreid-connect/OpenID-Connect-Java-Spring-Server @maneesha, is it possible to share two payloads that you have used in create and update endpoints? Regards Roshan -- Roshan Wijesena. Senior Software Engineer-WSO2 Inc. Mobile: *+94719154640* Email: ros...@wso2.com *WSO2, Inc. :** wso2.com <

Re: [Architecture] Moving the OAuth 2.0 Dynamic Client Registration(DCR) feature to WSO2 Identity Server

ent-secret and the callback-url. > > > Similarly unregistering an OAuth 2.0 client application will take place > through a DELETE request to the registration endpoint with the > applicationName, userId(username of the application owner) and the > consumerKey taken in as query parameter

Re: [Architecture] Identity Server

out Identity Server in > order to create users from an external app? I mean invoking some service? > > Thanks, > John > > ___ > Architecture mailing list > Architecture@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/archite

Re: [Architecture] API MANAGER TOKEN

Hi, On Sat, Jan 9, 2016 at 12:03 AM, John Q <johnq3...@gmail.com> wrote: > , is there any available book of wso2? even paid? > This PDF will help you to troubleshoot ESB problems. http://wso2.com/library/articles/2014/05/wso2-esb-a-guide-to-troubleshoot/ -- Roshan Wijesena. Sen

Re: [Architecture] [APIM] Extend Subscription Workflow

ovide an API for that? -Roshan -- Roshan Wijesena. Senior Software Engineer-WSO2 Inc. Mobile: *+94719154640* Email: ros...@wso2.com *WSO2, Inc. :** wso2.com <http://wso2.com/>* lean.enterprise.middleware. ___ Architecture mailing list Architecture@wso2.org

Re: [Architecture] [APIM] Decoupling Authorization Server - Mapping existing oAuth applications with API manager.

/* *Mobile* : 812-219-6517 On Tue, Mar 10, 2015 at 12:59 AM, Roshan Wijesena ros...@wso2.com wrote: Hi Isabelle, We could see possible two use cases as below, First, let say, a person uses an external authorization server and it contains already created oauth clients. Assume

[Architecture] [APIM] Decoupling Authorization Server - Mapping existing oAuth applications with API manager.

-manger.xml config file. Regards Roshan. -- Roshan Wijesena. Senior Software Engineer-WSO2 Inc. Mobile: *+94719154640* Email: ros...@wso2.com *WSO2, Inc. :** wso2.com http://wso2.com/* lean.enterprise.middleware. ___ Architecture mailing list Architecture

Re: [Architecture] BAM 3.0 REST APIs for AnalyticsDataService / Indexing / Search

/mailman/listinfo/architecture -- Roshan Wijesena. Senior Software Engineer-WSO2 Inc. Mobile: *+94719154640* Email: ros...@wso2.com *WSO2, Inc. :** wso2.com http://wso2.com/* lean.enterprise.middleware. ___ Architecture mailing list Architecture@wso2.org

Re: [Architecture] What is the best/wso2 way to authenticate REST endpoints.

: ruchirawageesha.blogspot.com http://ruchirawageesha.blogspot.com, mobile: +94 77 5493444 %2B94%2077%205493444* ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture -- Roshan Wijesena. Senior

Re: [Architecture] API Manager Authorization Server Decoupling

on IS, when using IS as an Authorization Server. But the suggested change alone would not make it possible, since GW calls getAllURITemplates operation, which is only available in APIKeyValidationService, to get the Authentication Scheme of a resource. -- Roshan Wijesena. Senior Software

Re: [Architecture] ES, Need a Content Field

Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture -- Roshan Wijesena. Senior Software Engineer-WSO2 Inc. Mobile: *+94752126789* Email: ros...@wso2.com *WSO2, Inc. :** wso2.com http://wso2.com/* lean.enterprise.middleware

Re: [Architecture] [AF] Datasources for PHP application type

() [1]. [1] http://php.net/manual/en/function.shell-exec.php Regards Roshan. -- Roshan Wijesena. Senior Software Engineer-WSO2 Inc. Mobile: *+94752126789* Email: ros...@wso2.com *WSO2, Inc. :** wso2.com http://wso2.com/* lean.enterprise.middleware