Agree with Ruwan's point that we should not keep credentials per tenant.
But, passing tenantId as a query parameter to API seems a security
concern. This provides capability to access some other tenant's device
list to any of the tenant having valid access token. One way that I could
think of to
Hi All,
I think REST connector should have single endpoint. The rest call can have
tenant ID in a header or as a request parameter. Then the API gateway(
API-Manager) should be able to distinguish the respective endpoint if
necessary. This is a functionality of APIM.
The reasons are,
1. REST
Hi Sajith,
We could not keep each and every tenant authentication configuration in
app-manager.xml, due to dynamic nature of tenant creation and the growth.
appmgt.mdm.rest.connector is the default connector that we provided to
connect with WSO2EMM. We could keep it's configurations in the
Hi All,
EMM supports multi-tenancy it is designed to work with one instance of App
> Manager via OSGI services. When they work together they function as one
> product, hence EMM and App Manager share same tenants across the multi
> tenanted environment.
>
This means we don't need to keep the
Hi Dinusha,
EMM supports multi-tenancy it is designed to work with one instance of App
Manager via OSGI services. When they work together they function as one
product, hence EMM and App Manager share same tenants across the multi
tenanted environment.
This is a special scenario where AppM