Wednesday, August 9, 2017

Tips on using environment variables in WSO2 Integration Cloud

Environment variables allow you to change an application's internal configuration without changing its source code. Let’s say you want to deploy the same application in development, testing  and production environments. Then database related configs and some other internal configurations may change from one environment to another. If we can define these configurations as an environment variables we can easily set those without changing the source code of that application.

When you deploy your application in WSO2 Integration Cloud, it lets you define environment variables via the UI. Whenever you change the values of environment variables, you just need to redeploy the application for the changes to take effect.

Predefined environment variables
Key Concepts - Environment Variables provides you some predefined set of environment variables which will be useful when deploying applications in WSO2 Integration Cloud.

Sample on how to use environment variables
Use Environment Variable in your application provides you an sample how to use environment variables in WSO2 Integration Cloud.

Bulk environment variable upload
If the environment variable list is high, then entering one by one to the Integration Cloud UI is bit awkward. You can upload them all as a JSON file

Sample json file:


Use REST API to manipulate environment variables
WSO2 Integration Cloud provides an REST API to get/add/update/delete environment variables

Get version hash Id
curl -v -b cookies -X POST -d 'action=getVersionHashId&applicationName=app001&applicationRevision=1.0.0'

Get environment variables per version
curl -v -b cookies -X POST -d 'action=getEnvVariablesOfVersion&versionKey=123456789'

Add environment variable
curl -v -b cookies -X POST  -d 'action=addRuntimeProperty&versionKey=123456789&key=ENV_USER&value=amalka'

Update environment variable
curl -v -b cookies -X POST -d 'action= updateRuntimeProperty&versionKey=123456789&prevKey=ENV_USER&newKey=ENV_USERNAME&newValue=amalkasubasinghe'

Delete environment variable
curl -v -b cookies -X POST -d 'action=deleteRuntimeProperty&versionKey=123456789&key=ENV_USERNAME'

Code samples to read environment variables for different app types
Here are sample code to read environment variables from different app types, which are supported by WSO2 Integration Cloud.

Tomcat/Java Web Application/MSF4J


string dbUrl = system:getEnv("ENV_DATABASE_URL");


print getenv('ENV_DATABASE_URL');


You can use script mediator to read the environment variable in the synapse configuration. Please find the sample proxy service. Here, we get the property ENV_DATABASE_URL which is defined as the environment variable.

<?xml version="1.0" encoding="UTF-8"?>
<proxy xmlns=""
         <script language="js"><![CDATA[
             mc.setProperty("envDatabaseURL", java.lang.System.getenv("ENV_DATABASE_URL"));
        <log level="custom">
           <property expression="$ctx:envDatabaseURL"
                     name="EnvDatabaseURL: "/>


Where ENV_DATABASE_URL is the name of the variable we wish to access.

var process = require('process');
print(process.getEnvs()); // json objectprint(process.getEnv('ENV_DATABASE_URL')); // string

Saturday, July 29, 2017

Stop nginx decoding query paramaters on proxy pass

When using nginx in front of several applications, In coming requests come to the nginx as encoded parameters but it reached to the backend application as decoded parameters. Because of that backend application rejects the massage since it accept encoded parameter.

In order to solve this problem, with the following configuration we can stop decoding query parameters at the nginx level.

location /t/ {
                proxy_set_header X-Real-IP $remote_addr;
#               proxy_next_upstream error timeout invalid_header http_500;

The parameter added as $request uri is the full original request URI (with arguments)

Monday, July 17, 2017

How to block a particular user from accessing an API

1. Login to Admin Dashboard from the admin user. (

2. Click Black List under the Throttle Policies section and click Add Item (Refer to the screenshot below)

3. Select the condition type as the user and give the full qualified username as the value and click blacklist. (Refer to the screenshot below)

For example, if you want to block the user from invoking APIs, you have to provide the value as by appending the organization key at the end of the username with '@' character. 

If you follow the above steps, the user will not be able to invoke APIs. Also please note that if you blacklist, the user will not be able to invoke any API until you remove the blacklist policy.

How to use FHIR connector in WSO2 Integration Cloud

In WSO2 Integration Cloud, we provide WSO2 ESB as an app type. So you can configure to FHIR connector on WSO2 ESB.  

At the moment we don't have a specific document on configuring the FHIR connector on WSO2 Integration Cloud. But, we have included an example document [1] on how to configure a sample (Twitter) connector. This is a general guide a user can follow, it shows how to create a CAR file and import it onto the Integration Cloud.

For information on configuring the FHIR connector, you can follow the document here.[2]

Please note that if you wants to add custom server certificates into the client truststore or requires any custom configurations, you need to create custom docker image and deploy it in WSO2 Integration Cloud. [3]

Sunday, July 16, 2017

How to insert a Getting started guide into my WSO2 API Store

Let's say I have published a API and I want to let my API store users how they can use the API.

Currently this can be done by adding API documentation. So with this you will need to add the documentation to each API. The documentation types supported in the API Publisher are as follows:
Please refer [1] for more information regarding this. 

If your requirement is to add a generic guide to the store unfortunately this is something not possible at the moment. 

How to allow WSO2 cloud team to access your tenant

Sometimes, you may require to access your tenant by WSO2 cloud team, to investigate a issue, do some configurations changes on behalf of you, etc...

This blog will say how you can allow WSO2 cloud team to access your tenant.

1. Go to cloud organization management portal:

2. Click on check box (Allow Access to WSO2 Support) inline with your tenant name

Later you can remove it clicking on the check box agina.

Monday, June 19, 2017

How to remove a thumbnail from an API

Let's say you have created an API in API cloud and you have added thumbnail image to it. Now you want to remove it.

When you go to the edit api view it allows you to change the thumbnail, but not remove. Let's see how we can remove it.

1. login to the carbon console of gateway node as tenant admin

2. Go to Resource -> Browse under main menu

3. Go to "/_system/governance/apimgt/applicationdata/provider" 

4. Click on the relevant tenant - you will see list of APIs (eg:

5. Select relevant API - you will see api artifact   (eg: api1 under version 1.0.0)

6. Click on "api" - you will see list of meta data for that api

7. Remove the thumbnail value from attribute "Thumbnail"

8. Save the API

9. Then logout from the API publisher UI and login in incognito window, you will see thumbnail has removed from your API.