An organization can have multiple environments with heterogeneous deployments patterns and configurations. These environments can have different APIs. WSO2 API Manager supports creating fully automated CI/CD pipelines for APIs and maintaining the lifecycle of API, changing environment-specific configurations throughout the CI/CD process.

In simple terms one of the main objectives…


Open Policy Agent (OPA) is a general-purpose policy engine gives you the ability to define fine-grained policy control at all levels of the stack, and more importantly, decouple the definition of policy from the enforcement of it. …


Cellery is a novel code first approach for building, integrating, running and managing composite applications on Kubernetes. While using your existing container images, you can achieve many more things on top of them with minimum effort. Refer Cellery official website for more information about Cellery

Cellery provides a mechanism of…


Command Line Applications are programs that you interact with entirely through your terminal and shell. They have no graphics or visual interface beyond what you see in your terminal after you run the program.

Well how you can use browser based Single Sign On for such an application ? …


Have you ever worried about the authentication mechanism which docker registry uses ? If not, probably you might have never used/hosted a private docker registry for your organization. If you have had one, you should have came across what the docker authentication mechanism is. …


Also known as application proxy or application-level proxy, an application gateway is an application program that runs between two networks. When a client program establishes a connection to a destination service, it connects to an application gateway, or proxy. The client then negotiates with the proxy in order to communicate…


With this post I will be going through how you can authenticate to your kubernetes API server through WSO2 Identity Server. Well, with this method you don’t need to have separate users in your kubernetes cluster. You can manage users through your cooperate Identity Provider itself. (Any IDP which supports…


This is a rare case which might occur under certain circumstances. One of them is if you are not using temporary session data persistence. …


Private Key JWT Client Authentication is an authentication method that can be used by clients to authenticate to the authorization server when using the token endpoint. In this authentication mechanism, only the clients that have registered a public key, signed a JWT using that key, can authenticate.

The JWT must


Recently I had the requirement to authenticate incoming requests to a CXF webapp. …

Hasintha Indrajee

Technical Lead — WSO2, Focused on IAM

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store