Publish an Open API/ Public API using WSO2 API Manager

Publish APIs that don’t require Authentication to invoke

Usually APIs are secured using some kind of protocol. More commonly using OAuth these days.


What if you or your company as a API provider, want to expose an API(or particular API resource in a given API) which doesnt need authentication.

Which means its an Open API / Public API

This is how we can accomplish it using WSO2 API Manager.

To make an API open , In WSO2 API Manager we need to disable oauth protection for all the resources in API, in the Manage section while publishing the API.

Start creating an api, go up to Manage section.

In the Manage section go to resource management. There you can see resource oauth protection option.

There are few options : Application & Application User, Application, Application User and None.

Select None from there. Then your API resource is not secured. It can be invoked without any kind of token.

set resoure protection to None

Note : If you have multiple resources in your API, then you need to set ‘None’ to each and every API resource to make whole API public. Or you can have mix of protected/unprotected or open/closed resources in one single API.

This is a short post, but I guess this is a common requirement and people are searching for ways to do it. Thats why I thought of publishing this thing as a blog post in my medium profile :) Hope you found it useful !!