Invoking carbon admin services with WSO2 API Manager
SOAP web services that are exposed to manage the internal functions of WSO2 products are identified as admin services. Management console exposed in carbon products talk to these admin services to provide administrative functions. I am providing steps to access these admin services using WSO2 API Manager, v2.6.0.
Under default configurations, admin services are not exposed. You need to set <HideAdminServiceWSDLs> to false in <APIM-HOME>/repository/conf/carbon.xml to view the list of admin services. After the change, re-start the server using following
./wso2server.sh -DosgiConsoleIt will start the server in OSGI console mode. Following command lists all the deployed admin services in API Manager.
listAdminServicesOutput list the service name and URL as follows:
RemoteUserStoreManagerService, RemoteUserStoreManagerService, https://localhost:8243/services/RemoteUserStoreManagerService
OAuthAdminService, OAuthAdminService, https://localhost:8243/services/OAuthAdminService
You can view the WSDL of the admin service by adding a URL post fix of “?wsdl” to its URLs. For instance to view the WSDL of OAuth admin service, browse
https://localhost:8243/services/OAuthAdminService?wsdlInvoking Admin Service using SOAP UI
You can create a new SOAP project by specifying the WSDL URL of admin service (Figure 1).
All available methods will be listed in left panel. For instance, invoking getClaims method will return all associated claims to the given scope. Basic auth header should be added with admin credentials, to authenticate. Refer figure 2.
You can then invoke the getClaims in OauthAdminService. A sample request:
<soapenv:Envelope xmlns:soapenv=”http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd=”http://org.apache.axis2/xsd">
<soapenv:Header/>
<soapenv:Body>
<xsd:getClaims>
<! — Optional: →
<xsd:scope>openid</xsd:scope>
</xsd:getClaims>
</soapenv:Body>
</soapenv:Envelope>Response:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Body>
<ns:getClaimsResponse xmlns:ns="http://org.apache.axis2/xsd" xmlns:ax2500="http://oauth.identity.carbon.wso2.org/xsd" xmlns:ax2501="http://base.identity.carbon.wso2.org/xsd" xmlns:ax2504="http://dto.oauth.identity.carbon.wso2.org/xsd">
<ns:return>sub</ns:return>
<ns:return>street_address</ns:return>
<ns:return>country</ns:return>
<ns:return>zoneinfo</ns:return>
<ns:return>birthdate</ns:return>
<ns:return>gender</ns:return>
<ns:return>formatted</ns:return>
<ns:return>preferred_username</ns:return>
<ns:return>locale</ns:return>
<ns:return>updated_at</ns:return>
<ns:return>nickname</ns:return>
<ns:return>email</ns:return>
<ns:return>website</ns:return>
<ns:return>email_verified</ns:return>
<ns:return>address</ns:return>
<ns:return>profile</ns:return>
<ns:return>locality</ns:return>
<ns:return>groups</ns:return>
<ns:return>phone_number_verified</ns:return>
<ns:return>given_name</ns:return>
<ns:return>middle_name</ns:return>
<ns:return>picture</ns:return>
<ns:return>upn</ns:return>
<ns:return>name</ns:return>
<ns:return>phone_number</ns:return>
<ns:return>postal_code</ns:return>
<ns:return>region</ns:return>
<ns:return>family_name</ns:return>
</ns:getClaimsResponse>
</soapenv:Body>
</soapenv:Envelope>The important point to consider when invoking admin services is the invocation URL should be as “https://<IP-address>:9443”, even though it is listed as “https://<IP-address>:8243 for listAdminServices command, as admin services are exposed through servlet transport, we need to use port 9443 to invoke admin service. ^_^
