We have 3 types of endpoint security in Wso2 apim:
I am using Oauth2. You can see UI of endpoint security configurations here:
My question is: if we have many users, how will endpoint authenticating be done? Per user? Or using cache for the API?
A cache is maintained here per API. You can check the code - https://github.com/wso2/carbon-apimgt/blob/master/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/mediators/oauth/OAuthTokenGenerator.java#L65