WSO2 api manager with keycloak auth server

Question

I am about to configure the "WSO2 API Manager", but since I have been using Keycloak as SSO server in my old applications, I would like to know if it is possible to use keycloak SSO as authentication server for "WSO2 API Manager"?

Thanks in advance!

Answer 1

Yes, its possible with a third-party Key Manager. See https://docs.wso2.com/display/AM200/Configuring+a+Third-Party+Key+Manager.

I have implemented this for OpenID Connect token support. I don't think there is an out-of-the-box solution yet.

The custom code to be written must handle two major situations:

• In API Store each created application must be linked to a Keycloak client. Therefore the application name and consumer key on API Store side must correspond to the clientId on Keycloak. The client secret from Keycloak must be retrieved to go into the corresponding consumer key in API Store.
• The key validation in the API Manager Key Manager module must be executed as token introspection request to Keycloak.