Saturday, May 27, 2017

WSO2 APIM: Partitioned Publisher Groups

The WSO2 API Manager publisher role allows anybody in that role to create, edit and delete APIs. Sometimes it is a requirement that this functionality be limited to the organizational units of different functional groups. This can be easily achieved by defining roles and assigning these roles to the published APIs.

First define the roles in the API manager to represent different groups.
  • publisher_finance
  • publisher_hr
  • publisher_engineering

Then register a listener for API publishing. This can be done by writing an implementation of or governance registry LC executor. When the API is published by a user,
  1. Discover the roles of the user
  2. Allow only those roles to edit and delete the API by modifying the permissions of the resource representing the API.
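
The two steps above, modelled as an added Python example (not code from this post and not WSO2 API Manager code). It assumes group roles share the `publisher_` prefix, that a generic `publisher` role holds the default permissions, and that a user in no group is refused; the `Registry` class, action names, users and resource path are constructed for illustration.

```python
# Added example: a model of the executor's logic, not WSO2 API Manager code.
GROUP_PREFIX = "publisher_"        # assumption: group roles follow the naming above
EDIT_ACTIONS = ("edit", "delete")  # assumption: action names used by this model


class Registry:
    """Toy permission store: (resource path, action) -> roles allowed."""

    def __init__(self, default_roles):
        self.default_roles = set(default_roles)
        self.acl = {}

    def is_authorized(self, user_roles, path, action):
        allowed = self.acl.get((path, action), self.default_roles)
        return bool(set(user_roles) & allowed)


def on_publish(registry, api_path, user_roles):
    """Publish-time hook: limit edit/delete on the API to the publisher's groups."""
    groups = {r for r in user_roles if r.startswith(GROUP_PREFIX)}
    if not groups:
        # Fail closed (assumption): granting the generic role would undo the partition.
        raise PermissionError("publisher belongs to no publisher_* group")
    for action in EDIT_ACTIONS:
        # Replacing the entry drops the generic role along with every other group.
        registry.acl[(api_path, action)] = set(groups)
    return groups


def demo():
    # Constructed sample data: users, roles and the resource path are illustrative.
    users = {
        "alice": ["publisher", "publisher_finance"],
        "bob": ["publisher", "publisher_hr"],
        "carol": ["publisher", "publisher_finance", "publisher_engineering"],
    }
    path = "/apis/payroll/1.0.0"
    reg = Registry(default_roles={"publisher"})
    before = {u: reg.is_authorized(r, path, "edit") for u, r in users.items()}
    on_publish(reg, path, users["alice"])
    after = {u: reg.is_authorized(r, path, "delete") for u, r in users.items()}
    return before, after


if __name__ == "__main__":
    print(demo())
```

Before the hook runs every publisher can edit the API; afterwards only users who share a group with the publishing user can, so a user in several groups keeps access to each group's APIs.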