[Apiman-user] Plugins
Eric Wittmann
eric.wittmann at redhat.com
Thu Aug 20 15:21:18 EDT 2015
Have you marked the Service as Public by any chance? You can find that
setting on the service UI's "Plans" tab.
To make sure you really are using the plan you should *not* make your
service public - that way you can't accidentally bypass your plan(s).
Note: once you start using plans, and if you do *not* have the service
set to public, then you will not be able to invoke the service without
an API Key.
-Eric
On 8/20/2015 2:22 PM, Fadi Abdin wrote:
> I think i'm good now .. I was able to make a test service and passes
>
> but i think i found bug .. If i created a plan and set it up with same
> policies i setup directly into the service with cors and keycloak , the
> service that with the plan by passes keycloak and let me in even with
> the browser directly . but the service setup with policies directly
> inside it displays "OAuth2 'Authorization' header or 'access_token'
> query parameter must be provided." .. which is correct .
More information about the Apiman-user
mailing list