Hi Harsha, On Thu, Feb 22, 2018 at 5:33 PM, Harsha Kumara <[email protected]> wrote:
> Hi All, > > This is to discuss the security of REST APIs exposed from carbon-auth and > carbon-apimgt components. We are mainly using OAuth as primary protection > for the REST APIs and scopes are used as the authorization purposes. > Currently following APIs are exposed from the components lies in these two > main repositories. > > *carbon-apimgt* > > Protected APIs with OAuth > - /api/am/publisher/v1.0 - Publisher REST APIs > - /api/am/store/v1.0 - Store REST APIs > - /api/am/admin/v1.0 - Admin REST APIs > - /api/am/analytics/v1.0 - Analytic REST APIs > > We have another REST API called core API (/api/am/core/v1.0) which is for internal server communications. This is planned to secure by mutual ssl. Thank you! -- *Pubudu Gunatilaka* Committer and PMC Member - Apache Stratos Senior Software Engineer WSO2, Inc.: http://wso2.com mobile : +94774078049 <%2B94772207163>
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
