A comprehensive portfolio of my open-source contributions, bug fixes, technical writing, and real-world implementation of WSO2 technologies.
Clear, accurate documentation is the backbone of any great product. I actively contributed to the WSO2 API Manager documentation by resolving open issues and improving clarity.
Fixed inaccuracies and updated configurations in the APIM documentation to ensure developers have a seamless onboarding experience.
wso2/docs-apim/pull/11559Resolved missing steps in a tutorial and clarified specific deployment architectures for API Manager.
wso2/docs-apim/pull/11560Addressed formatting issues and broken links within the developer guide, enhancing overall readability.
wso2/docs-apim/pull/11561Diving into the source code of WSO2 API Manager to resolve a critical runtime issue related to JWT Claim Based Access Control.
When users authenticated, modern Identity Providers passed multiple roles as a JSON array in the JWT
(e.g., "roles": ["value1", "value2"]). The API Gateway's
`ClaimBasedResourceAccessValidationMediator` assumed claims were simple Strings.
When it tried to cast a `List` (Collection) to a `String`, it threw a ClassCastException, crashing the Gateway thread and returning an HTTP 500 Internal Server Error instead of safely blocking the request (403 Forbidden).
I rewrote the claim extraction logic to be type-aware using Java's instanceof. I built a
helper mechanism to safely flatten any incoming data type (String, Collection, or Array) into a
List<String>.
This prevents crashes, gracefully looping through the array and returning a proper 403 Forbidden if validation fails. Tested extensively via JUnit and Gateway smoke tests.
Sharing knowledge with the developer community through technical writing.
A detailed, step-by-step article explaining how I leveraged WSO2's powerful API Management capabilities to build a secure, robust gateway for my SaaS product, complete with real-time insights from Choreo.
I successfully deployed WSO2 API Gateway and Choreo Analytics in a production-like environment to secure and monitor my SaaS product's License Server.
This architecture ensures secure API invocations utilizing robust authentication protocols, rate limiting, and comprehensive observability via Choreo. Below are screenshots demonstrating the active implementation.
Validating my knowledge through official WSO2 channels.
Status: Currently Following Course
I am actively completing the practitioner-level certification course. Upon completion, I will sit for the official certification exam to formalize my expertise in API development and management.
I'm always excited to take on new projects and collaborate with innovative minds.