部分回答問題:
1.能的範圍限定和使用招搖文件進行分配?
是的。您需要首先在「x-wso2-security」下全局定義它們,並使用「x-scope」元素將它們分配給資源。
請看下面的例子。
swagger: '2.0'
paths:
/*:
get:
responses:
'200':
description: ''
x-auth-type: Application & Application User
x-throttling-tier: Unlimited
x-scope: api1_read
post:
responses:
'200':
description: ''
parameters:
- name: Payload
description: Request Body
required: false
in: body
schema:
type: object
properties:
payload:
type: string
x-auth-type: Application & Application User
x-throttling-tier: Unlimited
info:
title: api1
version: '1.2'
x-wso2-security:
apim:
x-wso2-scopes:
- name: read api name
description: ''
key: api1_read
roles: admin
您是否在添加資源前使用「添加範圍」按鈕正確添加範圍..? – Malintha