Hi While trying to get a fine grained access control implemented for apis using WSO2 Identity server, I came across [1] which provides a high level guide to get it done, then going forward I referred [2] which discusses $subject.
In [1] it mentions using WSO2 IS set up as the key manager for WSO2 API Manager, whereas in [2] the first step describes only on setting up a common user store between the two products. As [3] indicates, setting up WSO2 IS as the key manager contains some additional configurations. So in order to get fine grain access control implemented, will just setting up a common user store be sufficient or does the IS as the key manager setup as mentioned in [1] is required? [1] https://medium.facilelogin.com/thirty-solution-patterns-with-the-wso2-identity-server-16f9fd0c0389 - Fine-grained access control for APIs [2] https://docs.wso2.com/display/AM210/Enabling+Role-Based+Access+Control+Using+XACML [3] https://docs.wso2.com/display/AM210/Configuring+WSO2+Identity+Server+as+a+Key+Manager Thanks Erandi -- *Chathurika Erandi* Senior Software Engineer, WSO2 Inc. *E-mail:* [email protected] *Mobile: *+94714 328 612 *Blog*: chathurikaerandi.blogspot.com
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
