0

I need to expose an api via WSO2 Api-Manager and I want protect my api not with oAuth2 but via SAML autentication, actually I need to use the APi-Manager as SAML SP. Therefore I need protect the may api and if a user isn't authenticated on SAML IDP presents the SAML IDP login page. Is it possible do that with WSO2 Api-Manger or the SAML OSS is releated only for Web SSO for /carbon, /pubblish and /store web app?

thank you for the help!

1 Answer 1

Reset to default
2

OAuth2 is for authorization. You can use SAML for authentication and use APIM's SAML grant type to get an OAuth2 token using the SAML assertion.

https://docs.wso2.com/display/AM210/SAML+Extension+Grant

Not the answer you're looking for? Browse other questions tagged or ask your own question.