A sample policy using the 'Retrieve OAuth 2.0 Token' Assertion with the Authorization Code grant type.
This policy makes use of the OAuth 2.0 test clients (id/secret).
1. Create a new endpoint on your gateway (i.e: /redirect)
2. Import the sample policy
3. Edit the OAuth2Client test client and change the callback URL to the endpoint created in step 1
4. Access the endpoint via browser (i.e: https://gateway.com:8443/redirect)
An HTML response will be received with your token.
This policy is provided as-is without warranty or support of any kind and intended only for guidance in using the assertion. This must not be used on production systems.