Hi Niveathika, Are we securing event simulator apis as well ?
Regards, Damith On Mon, Oct 30, 2017 at 12:38 PM, Niveathika Rajendran <[email protected]> wrote: > Hi all, > > The use case in accessing Stream Processor API's are as follows, > > 1. Dashboard front end APIs > > These are API's which the user users to access dashboards he/she will > create. > > These will be protected by using an Authentication API through which the > access token obtained by the login will be split into 2 and saved as > cookies. Authentication API will act as a proxy for the IdPClient OSGi > service. > > 2. Dashboard back end API's > > These will use the IdPClient OSGi service to get the access tokens using > client credential grant type which can be used to access other API's with > Bearer authorization headers. > > > 2. Databridge > > Here, the data bridge authentication is only done through basic > authentication. Oauth2 token validation is mocked through passing token > requests using password grant type. This is because the events will be sent > with Basic authorization headers and not with Bearer headers > > > For more info in SP IdP integration please refer[1]. > > @Identity-Team, Could you provide feedback on the mechanisms used in > securing API's. > > [1] [Architecture] Securing Product Apis and Product artifacts in Stream > Processor > > -- > Best Regards, > *Niveathika Rajendran,* > *Software Engineer.* > *Mobile : +94 077 903 7536 <+94%2077%20903%207536>* > > > > -- > You received this message because you are subscribed to the Google Groups > "WSO2 Engineering Group" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/a/wso2.com/d/optout. > -- Senior Software Engineer WSO2 Inc.; http://wso2.com <http://www.google.com/url?q=http%3A%2F%2Fwso2.com&sa=D&sntz=1&usg=AFQjCNEZvyc0uMD1HhBaEGCBxs6e9fBObg> lean.enterprise.middleware mobile: *+94728671315*
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
