Hi All, We have to secure the APIs in EMM(is a SAAS) in multi tenant environment. We have added Oauth to secure the APIs. There are two approaches to follow.
1. Generate Client key and Client secret for super tenant and subscribe APIs to all other tenants. There we need to have only one Client key and Client secret for all tenants. Only super tenant should subscribe for all APIs through the APIM. 2. Generate Client key and Client secret per tenant and and publish APIs per tenant. Every teant should subscribe for all APIs through APIM, which are subscribed by super tenant admin. Currently we are working on *2nd* approach. Please let us know your thoughts on this approach. Thank you. -- Best Regards, Krishanthi Bhagya Samarasinghe Senior Software engineer Mobile: +94 716028280
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
