Api manager comes with user signup feature for user store by accessing API store application. One limitation in Api Manager 1.7 was that users were able to signup only to super user’s API store. Tenant users were added through the management console. Api Manager 1.8 comes with the self signup feature for tenant store as well.
To enable self signup in AM 1.7, admin has to modify following configuration in the api-manager.xml file in <AM_HOME>/repository/conf
This is removed from api-manager.xml configuration file and moved to registry location. For each tenant doman there is a sign-up-config.xml configuration file. Tenant admin can log in to the management console and edit this configuration. This way each tenant domain can have different configurations for self signup.
The configuration file related to self signup in Api Manager 1.8. this can be found in the ‘/_system/governance/apimgt/applicationdata/sign-up-config.xml‘ registry location. Login to http://localhost:9443/carbon by using tenant admin credentials
following is the configuration file
To enable self signup for tenant API store <EnableSingup> element needs to be ‘true’. Otherwise the self signup option would not be visible in the tenant store. This is ‘true’ by default for super tenant.
AM 1.8 provides option to set the user storage to store these users.<SignUpDomain> defines this. PRIMARY refers to the primary user store. This can be pointed to secondary user store as well. More on creating user stores can be found in API manager documentation related to configuring secondary user stores . The Domain name used for that user store can be used in <SignUpDomain>
<SignUpRoles> defines the roles that are assigned to the users. AM 1.8 provides facility to assign more than one role for the user by adding <SignUpRole> element inside the <SignUpRoles> element.
NOTE: These roles are not created automatically so these roles needed to be created by the admin user. See more on how to create user roles and assigning permission.IMPORTANT: At least one role has to have ‘subscriber’ permission. Otherwise user won’t be able to login to the tenant store.
After configuring this, you will be able to see the self signup button in the tenant API store
This feature can be extended by enabling user signup in workflow extension . This will enable an approval process for newly Signed up users. More information on this can be found in Api Manager documentation
No comments:
Post a Comment