Secure Your APIs with Asgardeo: A Step-by-Step Guide - Part 1

Achintha Isuru
4 min read · Jul 25, 2023

Securing APIs is crucial for protecting sensitive data and ensuring the integrity of your applications. Asgardeo, a SaaS-based customer identity and access management (CIAM) solution, offers a feature that allows you to authorize user access to APIs based on assigned roles. In this article, we will guide you through the process of configuring Asgardeo to secure your APIs.

https://wso2.com/asgardeo/

Before using Asgardeo, you’ll need an Asgardeo account. If you don’t have one, you can register for a free account by clicking this link.

Once you have an account, follow these steps:

Also make sure to follow me if you haven’t done it already 😉

Asgardeo Configuration Steps:

Step 1️⃣: Register your API in Asgardeo

1. Go to the API resources section of Asgardeo and click on “+ New API Resource”.

2. Provide the necessary details to register your API.

3. In the following step, add permissions (scopes) for the API resource. Scopes define the access level for the API and should correspond to the scope values your application requests.

4. Ensure that you select the “Requires authorization” checkbox to enable Role-Based Access Control (RBAC) for securing the API.

5. Click on “Finish” to complete the registration process.

Step 2️⃣: Authorize the API resource to an application

Before proceeding, create an application by following these steps:

1. Navigate to the applications page in Asgardeo and click on “+ New Application”.

2. Select the appropriate application type (e.g., single-page application, mobile application, etc.) and provide the necessary details.

Now you have a new application created in Asgardeo. Open the newly created application.

3. In the API Authorization section, authorize the API resource to the created application by clicking on “+ Authorize an API Resource”.

4. Define the permissions that the application should be allowed to access.

5. Click on “Finish” to complete the authorization process.

Step 3️⃣: Create an application role

Application roles are specific to each application. Follow these steps:

1. Go to the Roles section within the created application.

2. Click on “+ New Role”.

3. Select the necessary permissions (scopes) for the role and click “Finish” to create the role.

Step 4️⃣: Create a user

To associate a user with a role, create a user by following these steps:

1. Go to the Users interface in Asgardeo.

2. Click on “+ Add User” and provide the required details.

3. Click “Finish” to create the user.

Step 5️⃣: Create a group

To complete the association between the user and the role, create a group:

1. Go to the Groups interface in Asgardeo.

2. Click on “+ New Group” and provide a name for the group.

3. Assign the created user to the group.

4. In the roles section of the group, assign the created role to the group.
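The configuration above only decides which scopes end up in a user’s access token; the API itself still has to check them on every request. The following Python is an added example, not code from this article or from Asgardeo. It assumes the access token is a JWT whose signature has already been verified upstream against the tenant’s JWKS, that the scope claim is a space-separated string as in OAuth 2.0, and uses constructed scope names and client id.

```python
import base64
import json
import time

def b64url_decode(segment: str) -> bytes:
    """Decode a base64url segment, restoring the padding JWTs strip."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def claims_from_jwt(token: str) -> dict:
    """Parse the payload of a compact JWT (header.payload.signature).
    Assumption: the signature was already verified upstream against the
    Asgardeo tenant's JWKS; this only parses, it does not verify."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    return json.loads(b64url_decode(parts[1]))

def granted_scopes(claims: dict) -> set:
    """The OAuth 2.0 'scope' claim is one space-separated string."""
    return set(claims.get("scope", "").split())

def authorize(claims: dict, required_scope: str, expected_aud: str) -> tuple:
    """Gate an endpoint on the scope the role (Step 3) granted, after checking
    expiry and that the token was issued for this application (Step 2)."""
    if float(claims.get("exp", 0)) <= time.time():
        return False, "token expired"
    aud = claims.get("aud", [])
    auds = aud if isinstance(aud, list) else [aud]
    if expected_aud not in auds:
        return False, "audience mismatch"
    if required_scope not in granted_scopes(claims):
        return False, f"missing scope {required_scope}"
    return True, "ok"

def make_sample_token(claims: dict) -> str:
    """Constructed, UNSIGNED token for offline demonstration only."""
    header = b64url_encode(json.dumps({"alg": "RS256", "typ": "at+jwt"}).encode())
    return f"{header}.{b64url_encode(json.dumps(claims).encode())}.fake-signature"

# Constructed sample claims: what a user in the Step 5 group would receive once
# the Step 3 role grants "orders:read" (scope names and client id are assumptions).
SAMPLE_CLAIMS = {"sub": "user@example.com", "aud": "app-client-id",
                 "scope": "openid orders:read", "exp": 4102444800}

def demo() -> dict:
    claims = claims_from_jwt(make_sample_token(SAMPLE_CLAIMS))
    return {"read": authorize(claims, "orders:read", "app-client-id"),
            "write": authorize(claims, "orders:write", "app-client-id"),
            "wrong_aud": authorize(claims, "orders:read", "other-client")}
```

A scope the role never granted, or a token issued for a different application, is rejected even though the signature would be valid, which is the check the Asgardeo configuration relies on the API to make.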

That’s it! Now you know how to secure your API resources using Asgardeo. As this article is a bit long, I will present the demonstration of this feature in another article.

Conclusion

In this article, we explored how to configure Asgardeo to secure your APIs using role-based access control. Asgardeo simplifies the process of securing your APIs: by registering your API, authorizing it to an application, creating application roles, and associating users with roles, you can establish granular access control to your APIs.

I will also bring you a demonstration of this feature in a future article. Until then, if you find this article useful, feel free to share it with your friends and colleagues.

Thank you, and HAPPY CODING! 👩‍💻🧑🏽‍💻👨🏿‍💻
