Posts

Troubleshooting CORS Configuration in WSO2 APIM v3.2

Cross-Origin Resource Sharing (CORS) is a critical mechanism that allows web applications to securely interact with resources from different origins. In WSO2 API Manager (APIM), configuring CORS correctly is essential for ensuring seamless API consumption. However, sometimes things don't go as planned, even when the configurations seem correct. In this blog, I'll share my experience of troubleshooting a CORS issue in WSO2 APIM v3.2 and how I resolved it.

Environment

- OpenShift-based deployment
- WSO2 API Manager v3.2

Problem Statement

Despite applying the correct CORS configurations via the WSO2 APIM Publisher portal on a per-API basis, the API calls were failing with the following CORS error:

Access to XMLHttpRequest at 'http://192.190.29.1/api/getdetails' from origin 'null' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

This error i...

WSO2 APIM Denial Policies

WSO2 API Manager (APIM) provides several mechanisms to block or restrict API access based on specific conditions. These blocking conditions can be used to control access to APIs, protect resources, and enforce security policies. The main blocking conditions available in WSO2 APIM are listed below; they are enforced by creating denial policies in the admin portal (https://localhost:9443/admin).

1. IP Address Blocking

- Description: Blocks or allows API access based on the client's IP address or range of IP addresses.
- Use Cases:
  - Preventing access from known malicious IP addresses.
  - Restricting access to specific APIs from certain regions or networks.
  - Allowing access only from trusted IP addres...

Importance of SSL Certificates and Understanding Their Formats

In today's digital world, security is paramount, especially when it comes to the transfer of sensitive information over the internet. One of the foundational elements of securing online communications is the use of SSL (Secure Sockets Layer) certificates. SSL certificates are critical for establishing a secure connection between a web server and a client, ensuring that the data transmitted remains private and unaltered. This article delves into the importance of SSL certificates, the various formats they come in, and provides practical guidance on handling the PFX format, including how to convert it to other commonly used formats.

The Question: Why Are SSL Certificates Important?

SSL certificates provide transport layer security and are therefore important in modern web apps accessible over the HTTP/HTTPS protocols. The following are some of the key advantages of SSL certificates:

- Data Encryption - SSL certificates encrypt the data exchanged between the client and the server. Th...

Kubernetes Common Errors

Kubernetes common errors

1. **CrashLoopBackOff**:
   - **Description**: A pod repeatedly crashes and restarts.
   - **Troubleshooting**:
     - Check pod logs: `kubectl logs <pod-name>`.
     - Describe the pod for more details: `kubectl describe pod <pod-name>`.
     - Investigate the application's start-up and initialization code.
2. **ImagePullBackOff**:
   - **Description**: Kubernetes cannot pull the container image from the registry.
   - **Troubleshooting**:
     - Verify the image name and tag.
     - Check the image registry credentials.
     - Ensure the image exists in the specified registry.
3. **Pending Pods**:
   - **Description**: Pods remain in the "Pending" state and are not scheduled.
   - **Troubleshooting**:
     - Check node resources (CPU, memory) to ensure there is enough capacity.
     - Ensure the nodes are labeled correctly if using node selectors or affinities.
     - Verify there are no taints on nodes that would prevent scheduling.
4. **Node Not Ready**:
   - **Description**: One or more node...