Layer7 API Management

  • 1.  Is there a way to record which application is using the oauth tokenstore the most?

    Posted Aug 03, 2015 05:17 PM

    To create meaningful metrics from it? Is this included with CA APIM 8.1 in any fashion, or can a policy be sketched for this?

    This is from a customer that is requesting that their business needs to know how many requests hit a specific endpoint for oauth v2 token for a specific application id. Is there a way to display this?



  • 2.  Re: Is there a way to record which application is using the oauth tokenstore the most?

    Posted Aug 05, 2015 11:13 AM

    You can capture the identity of the requestor using the eponymously named assertion: Capture Identity of Requestor Assertion - CA API Gateway - 8.4 - CA Wiki. This will provide additional context when using ESM for generating reporting metrics. You can use message context mapping values from that assertion to map to certain values using ESM's reporting. This is predicated on using and licensing ESM appropriately. If you are not using ESM then you can still use the Capture assertion but you would need to manually search through the Gateway Audit Event Viewer. There is a long-term plan to create more robust APIs around metrics and utilization but the capabilities are pretty limited at this time.



  • 3.  Re: Is there a way to record which application is using the oauth tokenstore the most?

    Posted Sep 18, 2015 04:35 PM

    On CA API Gateway 8.1 you are probably using the policy fragment "Require OAuth 2.0 Token" on any API that is protected by requiring an access_token. That fragment is setting the variable ${session.client_id} whenever an access_token was passed in. That value represents the app that is consuming that API.

    In the same policy that value could be audited to a syslog system or it could be written to a database or it could be routed to a server that knows what to do with it. Where to put it and to analyze it is up to the API developer or system administrator.
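
The analysis step that the last reply leaves to the administrator, as an added example (not code from the thread or from CA): it counts requests to the token endpoint per `client_id` from syslog lines. The `audit: client_id=... path=... status=...` message layout, the endpoint path and the sample lines are assumptions constructed for illustration; the real layout is whatever text the policy is configured to audit.

```python
import re
from collections import Counter

# Assumed endpoint path and constructed sample lines (not taken from the thread).
TOKEN_ENDPOINT = "/auth/oauth/v2/token"
SAMPLE_LOG = """\
Sep 18 16:30:01 gw1 audit: client_id=app-alpha path=/auth/oauth/v2/token status=200
Sep 18 16:30:02 gw1 audit: client_id=app-beta path=/auth/oauth/v2/token status=200
Sep 18 16:30:02 gw1 audit: client_id=app-alpha path=/orders/v1 status=200
Sep 18 16:30:03 gw1 audit: client_id=app-alpha path=/auth/oauth/v2/token status=401
Sep 18 16:30:04 gw1 audit: path=/auth/oauth/v2/token status=400
Sep 18 16:30:05 gw1 sshd[211]: unrelated line
Sep 18 16:30:06 gw1 audit: client_id=app-beta path=/auth/oauth/v2/token?x=1 status=200
Sep 18 16:30:07 gw1 audit: client_id=app-alpha path=/auth/oauth/v2/token status=200
"""

KV = re.compile(r"(\w+)=(\S+)")
MARKER = " audit: "  # hypothetical tag separating the syslog header from the message


def count_by_client(lines, endpoint=TOKEN_ENDPOINT):
    """Return a Counter of client_id -> number of requests that hit `endpoint`."""
    counts = Counter()
    for line in lines:
        if MARKER not in line:
            continue  # not one of the gateway's audit lines
        fields = dict(KV.findall(line.split(MARKER, 1)[1]))
        path = fields.get("path", "").split("?", 1)[0]  # ignore query string
        if path != endpoint:
            continue
        # Requests with no client_id are counted separately, not dropped,
        # so malformed or anonymous traffic stays visible in the totals.
        counts[fields.get("client_id", "(no client_id)")] += 1
    return counts


def top_clients(lines, endpoint=TOKEN_ENDPOINT, n=10):
    """Return the n busiest client_ids for `endpoint`, busiest first."""
    return count_by_client(lines, endpoint).most_common(n)


if __name__ == "__main__":
    for client, hits in top_clients(SAMPLE_LOG.splitlines()):
        print(f"{client}\t{hits}")
```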