Upgrading API Manager from 1.10.0 to 3.1.0

The following information describes how to upgrade your API Manager server from APIM 1.10.0 to 3.1.0.


Before you follow this section, see Upgrading Process for more information.

Before you Begin

  1. This release is a WUM-only release. This means that there are no manual patches. Any further fixes or latest updates for this release can be updated through the WSO2 Update Manager (WUM).

    • If you are upgrading to this version, in order to use this version in your production environment , use the WSO2 Update Manager and get the latest available updates for WSO2 API Manager 3.1.0. For more information on how to do this, see Updating API Manager.
  2. Before starting the upgrade, run the token and session cleanup scripts in the databases of the environment, if you are not doing regular cleanups.

Follow the instructions below to upgrade your WSO2 API Manager server from APIM 1.10.0 to 3.1.0 .


If you are using WSO2 Identity Server (WSO2 IS) as a Key Manager, follow the instructions in Upgrading WSO2 IS as the Key Manager to 5.10.0.

Step 1 - Upgrade WSO2 API Manager to 2.6.0


It is not possible to directly upgrade from WSO2 API Manager 1.10.0 to 3.1.0.

Upgrade your current WSO2 API-M version (1.10.0) to WSO2 API-M 2.6.0 as expained in the WSO2 API-M 2.6.0 documentation.

Step 2 - Upgrade WSO2 API Manager to 3.1.0

After you have successfully migrated your current WSO2 API-M version to 2.6.0, upgrade from API-M 2.6.0 to API-M 3.1.0. For more information, see Upgrading API Manager from 2.6.0 to 3.1.0.

This concludes the upgrade process.


The migration client that you use in this guide automatically migrates your tenants, workflows, external user stores, etc. to the upgraded environment. Therefore, there is no need to migrate them manually.


If you are using a migrated API and wants to consume it via an application which supports JWT authentication (default type in API-M 3.1.0), you need to republish the API. Without republishing the API, JWT authentication doesn't work as it looks for a local entry which will get populated while publishing.

You can consume the migrated API via an OAuth2 application without an issue.