Skip to content

Modify custom auth token backend documentation with working endpoint.#11599

Open
Irash-Perera wants to merge 2 commits into
wso2:4.4.0from
Irash-Perera:custom-auth-backend-4.4.0
Open

Modify custom auth token backend documentation with working endpoint.#11599
Irash-Perera wants to merge 2 commits into
wso2:4.4.0from
Irash-Perera:custom-auth-backend-4.4.0

Conversation

@Irash-Perera

Copy link
Copy Markdown

Addressed Issue: #4949

The tutorial at en/docs/api-gateway/policies/passing-a-custom-authorization-token-to-the-backend.md
instructed users to create an API using the following hosted sample backend as the endpoint:

http://wso2cloud-custom-auth-header-sample-1-0-0.wso2apps.com/custom-auth-header/validate-header

This endpoint is no longer available, so the tutorial could not be completed as written. This PR replaces the dead hosted endpoint with instructions for running the equivalent sample backend locally.

Changes

1. New step: start the sample backend server locally

A new Step 2 guides the user to run the sample validation backend from the WSO2 API Manager Samples repository (custom-auth-token-backend directory):

git clone https://github.com/wso2/samples-apim
cd samples-apim/custom-auth-token-backend
python3 server.py

PR for the sample backend in the samples-apim repository: Add sample backend server for validating custom authorization tokens #165

The server listens on http://localhost:8080, accepts any path and method, and authorizes a request only when the Authorization header is exactly Bearer 1234 - the same contract the old hosted backend implemented. It also echoes back the headers it received and logs every request to the terminal, so users can verify exactly what
the gateway forwarded to the backend.

2. Updated API endpoint

The endpoint in the API creation table now points to the local server:

http://localhost:8080/custom-auth-header/validate-header

3. Step numbering and cross-reference fixes

The step list previously had broken numbering (…5, 6, then 5, 6, 7, 24). Steps now run sequentially from 1 to 11, and in-text references ("the token that you got in step 8", "the policy that you just created by following Step 4") were updated to match.

@coderabbitai

coderabbitai Bot commented Jul 10, 2026

Copy link
Copy Markdown

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 728985a6-0c8d-4180-8aee-a9a1ad756488

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant