search

wso2 / api-manager

All issues, tasks, improvements and new features of WSO2 API Manager
Apache License 2.0
34 stars 8 forks source link

Validating User Api Access from Database #3102

Open cdeveloper10 opened 2 weeks ago

cdeveloper10 commented 2 weeks ago

Description

I recently integrate Wso2 APIM With Identity Server 4 and Want To Access To Backend API with Identity server 4 as Token manager the full configuration is done but when wso2 wants to check user's API access runs this Query in Database :

exec sp_executesql N'SELECT AM_APPLICATION.UUID, AM_APPLICATION_KEY_MAPPING.APPLICATION_ID,AM_APPLICATION_KEY_MAPPING.CONSUMER_KEY,AM_APPLICATION_KEY_MAPPING.KEY_TYPE,AM_KEY_MANAGER.NAME AS KEY_MANAGER,AM_APPLICATION_KEY_MAPPING.STATE FROM AM_APPLICATION_KEY_MAPPING,AM_KEY_MANAGER,AM_APPLICATION WHERE AM_KEY_MANAGER.UUID = AM_APPLICATION_KEY_MAPPING.KEY_MANAGER AND AM_APPLICATION_KEY_MAPPING.APPLICATION_ID = AM_APPLICATION.APPLICATION_ID AND AM_APPLICATION_KEY_MAPPING.CONSUMER_KEY = @P0 AND AM_KEY_MANAGER.NAME = @P1 AND AM_KEY_MANAGER.ORGANIZATION IN ( @P2 , @P3 )',N'@P0 varchar(8000),@P1 varchar(8000),@P2 varchar(8000),@P3 varchar(8000)','null','IS4_2','carbon.super','WSO2/System'

as you can see there is 'null' value as parameter @P0 assigned to AM_APPLICATION_KEY_MAPPING.CONSUMER_KEY

i want to know why this parameter has 'null' value because the Client_id in the claim exists and there is also the Client_id in the Identity server Introspect service

Steps to Reproduce

1 - Generate Client in the Dev portal for Identity server 4 2 - Generate Access token with first step Credential 3- Call Wso2 APIM Services that users Subscribed to

Affected Component

APIM

Version

4.3

Environment Details (with versions)

No response

Relevant Log Output

No response

Related Issues

No response

Suggested Labels

No response

AnuGayan commented 1 week ago

Could you please verify the API Manager and IS product versions that you are trying out?

cdeveloper10 commented 1 week ago

Wso2 apim 4.3.0

AnuGayan commented 1 week ago

You have mentioned that you use an Identity Server as well, What would be the version of that. I believe it's a WSO2 Identity Product.

cdeveloper10 commented 3 days ago

Thank for your Response The Problem Is Solved I Noticed That Each Key Manager Type That Define in Wso2 Admin Console Has Its Own Subscription Validation Model.

At First I Used KeyClock as Key Manager Type And Then I Tried Wso2 Identity Server 7 To Link With Identity Server 4 And Now Everything Works Just Fine with Wso2 Identity Server 7 as Key Manager Type.