Add application Specific Custom Attributes in WSO2 API Manager

WSO2 API Manager provides support to add configurable attributes to application from version 2.5.0 onward.

Application specific attributes can be easily defined in api-manager.xml (It can be found in <APIM-Home>/repository/conf directory). It can be defined in following format:

<ApplicationConfiguration>
   <ApplicationAttributes>
      <Attribute required="true">
         <Name>Application_Attribute_Name</Name>
      </Attribute>
   </ApplicationAttributes>
</ApplicationConfiguration>

The defined application attributes can be viewed in Application Creation page. Refer the screenshot given below:

Figure 1. Add Application Page

Since, we have marked this attribute as required, UI validation is there to make this value as mandatory. Any numbers of field can be defined in api-manager.xml to enable application creators to give application specific attributes.

After adding application, these attributes can be viewed in the application listing page. Refer the screenshot below for a sample application:

Figure 2. View Application Page

Passing Application Specific Attributes to Back-end

API Manager provides feature to send user specific attributes to back-end via JWT (Refer 1 for more detailed information).

If a user subscribed using the application for which attributes are defined, when invoking the API, these attribute information will be sent in the generated JWT. I am providing an example decoded payload of JWT with application attributes information:

{
  "http://wso2.org/claims/role": [
    "Application/admin_Backend_PRODUCTION",
    "Internal/subscriber",
    "Internal/creator",
    "Application/admin_DefaultApplication_PRODUCTION",
    "Internal/publisher",
    "Internal/everyone",
    "admin"
  ],
  "http://wso2.org/claims/applicationtier": "Unlimited",
  "http://wso2.org/claims/keytype": "PRODUCTION",
  "http://wso2.org/claims/version": "1.0",
  "http://wso2.org/claims/applicationAttributes": {
    "Application_Attribute_Name": "attribute_value"
  },
  "iss": "wso2.org/products/am",
  "http://wso2.org/claims/applicationname": "Backend",
  "http://wso2.org/claims/enduser": "admin@carbon.super",
  "http://wso2.org/claims/enduserTenantId": "-1234",
  "http://wso2.org/claims/applicationUUId": "0a52f7e2-b2a8-46b1-9fbe-4ee74c0deeab",
  "http://wso2.org/claims/subscriber": "admin",
  "http://wso2.org/claims/tier": "Unlimited",
  "exp": 1560770283,
  "http://wso2.org/claims/applicationid": "2",
  "http://wso2.org/claims/usertype": "APPLICATION",
  "http://wso2.org/claims/apicontext": "/test/1.0"
}[1]https://docs.wso2.com/display/AM260/Passing+Enduser+Attributes+to+the+Backend+Using+JWT

Please note that in 2.6.0 GA release, application attributes values are handled as string. Hence these quoted marks are escaped. We have fixed this behavior thorough a WUM update. Therefore if you try the scenario in a GA pack, the results would be as:

{
  "http://wso2.org/claims/role": [
    "Application/admin_Backend_PRODUCTION",
    "Internal/subscriber",
    "Internal/creator",
    "Internal/publisher",
    "Internal/everyone",
    "admin"
  ],
  "http://wso2.org/claims/applicationtier": "Unlimited",
  "http://wso2.org/claims/keytype": "PRODUCTION",
  "http://wso2.org/claims/version": "1.0.0",
  "http://wso2.org/claims/applicationAttributes": 
       "{\"Application_Attribute_Name\":\"attribute_value\"}",
  "iss": "wso2.org/products/am",
  "http://wso2.org/claims/applicationname": "Backend",
  "http://wso2.org/claims/enduser": "admin@carbon.super",
  "http://wso2.org/claims/enduserTenantId": "-1234",
  "http://wso2.org/claims/subscriber": "admin",
  "http://wso2.org/claims/tier": "Unlimited",
  "exp": 1560786241,
  "http://wso2.org/claims/applicationid": "2",
  "http://wso2.org/claims/usertype": "APPLICATION",
  "http://wso2.org/claims/apicontext": "/pizzashack/1.0.0"
}

^_^