Enterprise platform for API + Security + Integration

Client → API Gateway → Microservices
             ↑
          WSO2
      (Auth + Token)

1. User logs in to WSO2
2. WSO2 gives JWT access token to client
3. Client sends token to microservice
4. Microservice validates token using Spring Security
5. Access granted

1️⃣ API Management

• Create, publish, secure, and monitor APIs
• Control who can access APIs
• Track usage and performance
• WSO2 API Manager

2️⃣ Identity & Access Management (IAM)

• Single Sign-On (SSO)
• OAuth2 / OpenID Connect
• User authentication & authorization
• Role-based access control