Digital Transformation . API . Integration . IAM

I recently encountered a strange issue with API visibility in the publisher portal. Here is what happened and how I overcome to this issue- Environment WSO2 APIM- v3.2.x Openshift: 4.x MSSQL Database 19.x Using PV/PVC for synapse-config and executionplans Problem Statement : There was OpenShift upgrade happened and we have restart the server i.e. re-creation of the pods. This has caused an issue in API listing inside publisher portal. We have verified the API in the database system but the same was not visible in the publisher portal. When we tried to re-create the same via publisher portal; it didn't worked and we got an error that the API exists with the same context. Root Cause:  These issues occurs due to indexing issues and not limited to underlying infra upgrade. This may happen due to multiple reasons that causes indexing failure Solution: Re-building the index solves this issue in following ways- Option 1:  Open the management console/ carbon portal and click on the resourc

This is JWT (JSON Web Token) debugger basic version where if you enter a correct JWT, debugging will be performed and header, payload & signature data is displayed. All operations are done at client side only. Debug JWT! Reset! eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6Ikt1bWFyIEdhdXJhdiIsImlhdCI6MTUxNjIzOTAyMn0.sNKLqSVJces_BwPM2ujoMZC7ZwKlMJRKiBsr53ROH7w Debug JWT! Reset!

In this blog I'll share the snippets used to export the public key & private key from a PFX file. Sometimes we have to perform the data encryption/decryption using the digital signature by taking the public key(so called as SSL certificate or public keys)  to encrypt the data and private key to decrypt the data. Let's take the sample DSCs provided by eMudhra- https://www.e-mudhra.com/Repository/ I have taken " e-Mudhra sub CA for Class 3 Individual 2014"  for this blog. This zip contains two files as- Class 3 individiual test_encryption.pfx- For data encryption/decryption Class 3 individiual test_Signature.pfx- For signing the document We'll take the file  Class 3 individiual test_encryption.pfx for this blog and follow the below steps to obtain the public key & private key. A linux machine with openssl utility Run the following command to extract the private key openssl pkcs12 -in Class_3_individiual_test_encryption.pfx -nocerts -out private_key.key If pr

I have created this simple page to convert plain text into base64encoded and the vice versa Encode >> << Decode

Few of my colleagues are frequently asking me about API Testing related questions that API Tester should know. Here is a byte of some questions I found on internet- What is API Testing and Why API Testing? Is there any difference between SOAP and REST API testing? If so, how? Key things you test in an API - let's say a GET API to fetch a list of 5 records with id and name GET vs POST POST vs PUT vs PATCH - example for each What do you mean when you say PUT is idempotent? Conditions for idempotency? Do you follow any strategy for sending large payloads in POST. Is it a good idea to have assertions for request headers when testing apis? How do you get a request header in Rest-Assured? If I send a text file as an input in a POST call, what will be the content-type? Key things to test when you API response feeds into a down stream system? URI vs URL - with a simple example. What is JWT and it's format. How does JWT authentication works? Do you know if caching is applied in the rest

Problem Statement We have created a custom docker image for WSO2 APIMv3.2.x and deployed the same in OpenShift cluster 4.x. However, the pods won't getting in Ready state and below error observed while checking the events (oc get events) wso2am-pattern-1-am-1-deployment-0 in StatefulSet wso2am-pattern-1-am-1-deployment failed error: pods "wso2am-pattern-1-am-1-deployment-0" is forbidden: unable to validate against any security context constraint: [provider "anyuid": Forbidden: not usable by user or serviceaccount, spec.initContainers[0].securityContext.runAsUser: Invalid value: 1000670000: must be in the ranges: [1000710000, 1000719999], spec.containers[0].securityContext.runAsUser: Invalid value: 1000670000: must be in the ranges: [1000710000, 1000719999], provider "nonroot": Forbidden: not usable by user or serviceaccount, provider "hostmount-anyuid": Forbidden: not usable by user or serviceaccount, provider "elasticsearch-scc": F