[Apiman-user] Securing back-end API endpoints with keycloak renders apis inaccessible via Apiman

[Cabardo, Jeanette]

Hi. Not sure if there are already posting similar to the issue I’m having (or maybe the feature may not be in place yet). My requirement is to secure the back-end API endpoints with keycloak. It was a bit of a pain because the apis were developed in node.js and there was really not a whole lot of examples or library on how to accomplish this. Anyway, I think I was finally able to do this, however, once I had put the protection in place, the endpoints stopped working in Apiman. I’m not quite sure how to forward the credentials to allow it to access the endpoints. I think the closest posting I found that may be similar to what I need is:

http://lists.jboss.org/pipermail/apiman-user/2015-March/000030.html

I guess what I wanted to find out is whether or not what I’m trying to do is possible at this time as I have researching and trying to search for more info on how to accomplish this and haven’t had any luck doing so.

I appreciate any help you can extend. Thanks in advance.

Jeanette


Notice:  This e-mail message, together with any attachments, contains
information of Merck & Co., Inc. (2000 Galloping Hill Road, Kenilworth,
New Jersey, USA 07033), and/or its affiliates Direct contact information
for affiliates is available at 
http://www.merck.com/contact/contacts.html) that may be confidential,
proprietary copyrighted and/or legally privileged. It is intended solely
for the use of the individual or entity named on this message. If you are
not the intended recipient, and have received this message in error,
please notify us immediately by reply e-mail and then delete it from 
your system.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/apiman-user/attachments/20160321/0cab8d5b/attachment.html