Layer7 API Management

  • Private Community

  • 1.  How to retrieve access token in oauth 2.0

    Posted Mar 14, 2018 10:28 AM

    Hello folks,

    I am using Oauth 2.0 .I cant see Retrieve Oauth2 Token assertion in my palatte.

    I am able to get access token in the URL form after clicking on Grant button in the below format:

     

    http://gateway:port/client_api#access_token=dc6758a7-b153-4813-9bbc-ea80d57c3495&expires_in=3600&token_type=Bearer&scope=oob.

     

    Could you please tell me how to fetch the access token from the URL and display all required things on callback URL page.



  • 2.  Re: How to retrieve access token in oauth 2.0
    Best Answer

    Broadcom Employee
    Posted Mar 14, 2018 10:54 AM

    Hi Sonia,

     

    The 'Retrieve OAuth 2.0 Token' assertion is included with MAG. It looks you are using the implicit grant, in this case the hash fragment is not directly accessible to the server. You would need to use client side scripting, ie: JavaScript to extract this.

     

    Retrieve OAuth 2.0 Token Assertion sample policy 

     

    Alternatively, there is a sample here demonstrating how to replace the hash fragment with a query parameter which will be accessible directly by the Gateway via ${request.http.parameter.access_token}.

     

    Sample Policy for converting a URL hash fragment into a query parameter 

     

    Regards,

    Joe



  • 3.  Re: How to retrieve access token in oauth 2.0

    Posted Mar 18, 2018 07:09 AM

    Thank you so much Joe.