Disabling Security for APIs

An API can be invoked without authentication by disabling security. Pick one of the following methods to disable security depending on the Choreo Connect mode you have chosen.

Mode Method
Choreo Connect with MWARE ESB as a Control Plane Via MWARE ESB Publisher Portal
Choreo Connect as a Standalone Gateway By Updating the OpenAPI Definition

Via MWARE ESB Publisher Portal

Follow the steps given in Disabling Security for APIs.

By updating the OpenAPI definition

APIs can be exposed without requiring any authentication (i.e. disable transport security and application security) using the OpenAPI extension x-wso2-disable-security . This extension is supported at API, resource, and operation levels. The following is an example of how you can disable security for an API.

openapi: 3.0.0
info:
  version: 1.0.0
  title: Petstore
x-wso2-disable-security: true
  paths:
    "/pet/findByStatus":
      get:
paths:
 "/pet/findByStatus":
    x-wso2-disable-security: true
    get:
      tags:
      - pet
      summary: Finds Pets by status
      description: Multiple status values can be provided with comma separated strings
      operationId: findPetsByStatus
paths:
 "/pet/findByStatus":
    get:
      x-wso2-disable-security: true
      tags:
      - pet
      summary: Finds Pets by status
      description: Multiple status values can be provided with comma separated strings
      operationId: findPetsByStatus
Top