Layer7 API Management

  • 1.  OAuth

    Posted Feb 05, 2019 03:31 PM

    The backend service provider is OAuth protected with grant_type=client_credentials. Can I know what assertions we need to configure for generating an OAuth token in Policy Manager and using it for subsequent calls in the Route Via assertion?

    I'm looking for assertions which can make OAuth token call and store Authorization token in cache till it expires.

    As of now we are doing this using the Route via HTTPS assertion, storing the result in the cache and doing a lookup on the cache; if the cache is empty we make the token call again. Please let us know if we have any standard solution.



  • 2.  Re: OAuth

    Broadcom Employee
    Posted Feb 05, 2019 04:31 PM

    Hi Anwesh,

     

    If you have MAG installed it provides an assertion 'Retrieve OAuth 2.0 Token'. This assertion can be used to generate a token, though manual caching will be needed.

     

    There is a sample policy here; it uses the Authorization code flow, but should be easily modified to use client credentials.

     

    Retrieve OAuth 2.0 Token Assertion sample policy 

     

    If you do not have MAG you may want to look at this post on creating it as an encapsulated assertion. Basically using the steps you currently defined but as an encap for ease of re-use.

     

    Policy Repository: Retrieve OAuth Token Encapsulated Assertion 

     

    Regards,

    Joe
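
The manual caching both posts describe, sketched outside the gateway as an added example (not code from the thread or from Layer7): the token is cached until shortly before `expires_in` runs out, error responses are never cached, and the entry can be dropped when the backend rejects the token. The class name, the injected `fetch_token` callable, the 30-second skew and the `idp.example.test` URL are assumptions made for illustration.

```python
import time

class ClientCredentialsTokenCache:
    """Caches one access token per (token_url, client_id, scope) until shortly before expiry."""

    def __init__(self, fetch_token, skew_seconds=30, clock=time.monotonic):
        # fetch_token is a hypothetical callable that performs the POST with
        # grant_type=client_credentials and returns the parsed JSON response.
        self._fetch = fetch_token
        self._skew = skew_seconds      # refresh early so a token never expires in flight
        self._clock = clock
        self._entries = {}             # key -> (access_token, expires_at)

    def get(self, token_url, client_id, scope=""):
        key = (token_url, client_id, scope)
        entry = self._entries.get(key)
        if entry and self._clock() < entry[1]:
            return entry[0]            # cache hit: no call to the token endpoint
        resp = self._fetch(token_url, client_id, scope)
        token = resp.get("access_token")
        if not token or resp.get("token_type", "").lower() != "bearer":
            self._entries.pop(key, None)   # never keep an error response in the cache
            raise ValueError("token endpoint did not return a bearer access_token")
        # expires_in is optional in RFC 6749; without it the token is used but not cached.
        ttl = int(resp.get("expires_in", 0)) - self._skew
        if ttl > 0:
            self._entries[key] = (token, self._clock() + ttl)
        return token

    def invalidate(self, token_url, client_id, scope=""):
        """Call when the backend answers 401 so the next get() fetches a fresh token."""
        self._entries.pop((token_url, client_id, scope), None)

def demo():
    """Runs the cache against a constructed token endpoint and a constructed clock."""
    now, calls = [0.0], []
    def fake_endpoint(url, client_id, scope):
        calls.append(client_id)
        return {"access_token": f"tok-{len(calls)}", "token_type": "Bearer", "expires_in": 3600}
    cache = ClientCredentialsTokenCache(fake_endpoint, clock=lambda: now[0])
    url = "https://idp.example.test/token"   # constructed URL
    first = cache.get(url, "gateway")
    second = cache.get(url, "gateway")       # served from the cache
    now[0] = 3580                            # past expires_in minus skew: forces a refresh
    third = cache.get(url, "gateway")
    return first, second, third, len(calls)
```

Keying the cache on client id and scope keeps a token issued for one backend credential from being reused for another.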