Digital Transformation . API . Integration . IAM

If you are using WSO2 API Manager for managing the API's lifecycle, it's important to understand the flow when API Manager gets shutdown. So, whether you're running WSO2 API Manager in production or a test environment, it's critical to understand how it shuts down. A graceful shutdown ensures that no in-flight API requests are abruptly cut off, database connections are properly closed, and services stop cleanly. In this post, we’ll break down the sequence of events that occur when you shut down WSO2 API Manager, and why it matters. So, what Triggers the Shutdown? Shutdown can be initiated in several ways: Pressing Ctrl + C on the terminal 1. Running the shutdown script: ./wso2server.sh stop Or  ./api-manager.sh stop 2. Sending a termination signal: kill -15 <PID> Any of these methods initiate a graceful shutdown via a JVM shutdown hook, which delegates the shutdown process to the Carbon runtime environment WSO2 is built upon. Series of Events : Behind the Scenes 1...

  This article is about sharing an important achievement with my readers. I’m thrilled to share an exciting milestone in my journey with WSO2 – I’ve been officially recognized as a WSO2 Ambassador for the year 2025!  Being named a WSO2 Ambassador is not just a title – it's a reflection of my commitment to empowering the community through knowledge-sharing, mentorship, and real-world implementation of WSO2 technologies. Over the years, I’ve had the privilege to work extensively with the WSO2 ecosystem, from API Manager and Micro Integrator to Identity Server, across various digital transformation projects. Official Announcement:  https://wso2.com/library/blogs/introducing-the-wso2-ambassador-program/ What This Means to Me This recognition reinforces my passion for open-source middleware and motivates me to contribute even more actively to the community. As a WSO2 ambassador, I'll get direct support from WSO2 team to amplify my impact and establish myself as a thought ...

In this blog post I'll share my experience in fixing the issue for APIs loading in publisher and devportal of WSO2 API Manager v3.2.  My WSO2 API Manager instance was running fine with respective functionality. I stopped the server due to infra/maintenance activity and started the same after 2 days. However, my publisher portal was opening, and login works fine but I found an issue post login in  Publisher  portal and the Developer. Portal  The Publisher and Developer Portal fail to retrieve APIs, displaying an HTTP 500 error. This blog post explores the root cause and solution for this problem. Environment WSO2 APIM v3.2.0.xxx DB- MSSQL Server as database OS- RHEL The Issue In a recent scenario, WSO2 API Manager’s Publisher and Developer Portal were failing to list APIs, showing an HTTP 500 error. The error trace in the logs pointed to a failure in searching for APIs: ApisApiServiceImpl Error while retrieving APIs org.wso2.carbon.apimgt.api.APIManagementEx...

Cross-Origin Resource Sharing (CORS) is a critical mechanism that allows web applications to securely interact with resources from different origins. In WSO2 API Manager (APIM), configuring CORS correctly is essential for ensuring seamless API consumption. However, sometimes things don’t go as planned, even when the configurations seem correct. In this blog, I’ll share my experience of troubleshooting a CORS issue in WSO2 APIM v3.2 and how I resolved it. Environment Openshift Based deployment WSO2 API Manager v3.2 Problem Statement Despite applying the correct CORS configurations via the WSO2 APIM Publisher portal on a per-API basis, the API calls were failing with the following CORS error: Access to XMLHttpRequest at 'http://192.190.29.1/api/getdetails' from origin 'null' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. This error i...

WSO2 API Manager (APIM) provides several mechanisms to block or restrict API access based on specific conditions. These blocking conditions can be used to control access to APIs, protect resources, and enforce security policies. Here are the main blocking conditions available in WSO2 APIM and we can enforce the same by creating the denial policies via admin portal (https://localhost:9443/admin) 1. IP Address Blocking Description : Blocks or allows API access based on the client's IP address or range of IP addresses. Use Cases : Preventing access from known malicious IP addresses. Restricting access to specific APIs from certain regions or networks. Allowing access only from trusted IP addres...