Configure the Header to Carry the Bearer Token

Products
Technology for your digital platform that you can run yourself, in a private cloud, or as SaaS.
API Management
Integration
Identity & Access Management
Your Digital Platform, as a Service
Platform
- Your internal developer platform as a service to quickly deliver applications.
Solutions
By Technology
- API Management
  Solutions to deliver your APIs in any environment.
- Integration
  Break down data silos, streamline workflows, and unlock insights.
- Identity & Access Management
  Create secure, unique, and compelling digital experiences with ease.
  
  Customer IAM
  
  For Consumers (B2C)
  
  For B2B Applications (B2B CIAM)
  
  For Citizens (G2C)
  
  Workforce IAM
  
  API Access Management
By Industry
- Healthcare
  Provide awesome digital experiences for payers, providers, and patients.
- Finance
  Deliver secure financial experiences at speed.
- Government
  Deliver secure and simplified digital services for governments and citizens.
Featured Blog
- Implementing an Event-Driven GraphQL BFF with Real-Time Notifications
  Read Blog
Resources
- Training and Certification
- Events
Featured Whitepaper
- Transactions in a Microservice World
  Read Whitepaper
Support
- Subscription
  Learn About the Benefits of a WSO2 Subscription for Commercial Use.
- Updates
  Maintain the health and security of your solution.
- Consulting Services
  A full range of services to help you get the most out of your WSO2 project.
Featured Blog
- Self Manage Your WSO2 Support Portal Users
  Read Blog
Company
- About WSO2
  Learn about who we are and our journey.
- Team
  The people behind our innovative technologies.
- Customers
  See how we’ve helped leading enterprises from around the world.
- Careers
  Discover how you can make an impact.
- Partners
  Learn about the benefits of partnering with us.
- News
  The latest updates and insights.
Customer Spotlight
- YOMA x WSO2: Building Better Banking Relationships
  Read Case Study
Community
Contact Us
EN
- French
- German
- Portuguese
- Spanish
Profile

Submitted by amilam.wso2.com on Wed, 09/12/2018 - 19:03

APIs published on the WSO2 API Cloud are secured using OAuth2.0 by default. Any client application invoking a secure published API needs to have a valid subscription to the particular API and present a valid OAuth2.0 Access Token to the API Gateway. The HTTP Authorization header is the most common method of providing authentication information for REST APIs and it is used in API Cloud as well. The application needs to have the access token in the Authorization header to authenticate the API that is being accessed. But, there can be reasons such as organizational policies, legacy backends expecting to use the authorization header for other purposes and legacy client applications which will force you to use some other header to pass the bearer token to the API gateway. WSO2 API Cloud now allows you to define your own header to carry the bearer token. This can be configured for the entire organization (all your APIs) or for certain APIs only. Configure the authorization header per API When creating a new API or editing an existing API,

Go to the “Manage” tab in the UI.
Provide the name of the header which you wish to use as the authorization header as shown below.
Save and publish the API.
When you go to the developer portal, you will be able to see the portal is ready to send the new header to the gateway.

If you want to invoke the API with cURL, following is the command. curl -X GET "<Your API URL>" -H "Accept: application/json" -H "Token: Bearer <Your Token>" Read our documentation to learn how to configure this at the organization level. Now that this cool feature is available in the WSO2 API Cloud, you will be able to connect your legacy backends and legacy clients to the API gateway without worrying about the authorization header. .entry-content img { width:100% !important; }

Implementing an Event-Driven GraphQL BFF with Real-Time Notifications

Transactions in a Microservice World

Self Manage Your WSO2 Support Portal Users

YOMA x WSO2: Building Better Banking Relationships

Configure the Header to Carry the Bearer Token

API Management

Integration

IAM

Internal Developer Platform

Solutions

Resources

Support

Company

Follow us