This handler challenge is because I have to modify the Authorization header when I call to the backend system. Using the oAuth2, out of the box feature, APIM is calling the backend as standard way Authorization: Bearer base64encode(client_id,client_secret) but this particular use case needs to call to the backend system using a diferent Authorization header-> Authorization: base64encode, with a particular behabiour, needs use the base64encode key generated by the previous call of the token service.

Documentation Reference: https://apim.docs.wso2.com/en/latest/reference/customize-product/extending-api-manager/extending-gateway/writing-custom-handlers/ https://apim.docs.wso2.com/en/latest/reference/config-catalog/#synapse-handlers

Deployment process:

1. Move the generated jar file into this folder <APIM_HOME>/repository/components/dropins

2. Modify deployment.toml with this: enabled_global_handlers= ["custom_logger"] [synapse_handlers] custom_logger.name= "CustomAPIAuthenticationHandler" custom_logger.class= "org.wso2.carbon.test.CustomAPIAuthenticationHandler"

3. Modify the file APIM_HOME/repository/resources/conf/templates/repository/conf/synapse-hanlders.xml.j2 adding a new line:

Pablo!