AnsweredAssumed Answered

OTK/OAuth- Retrieve session data based on access token

Question asked by KoushikY on Jun 8, 2017
Latest reply on Aug 15, 2017 by KoushikY

OTK Tool Kit 3.5

 

 

1. In the authorize policy, SessionData (SessionDataJWT) is created and stored in OTK Session.

2. Is there a way to retrieve the above SessionData using access token as the cache key parameter ? 

 

What we are trying to do is the below.

 

Step 1 : App A calls OAuth - Authorization - Implemented a custom authorization policy which does the authorization and sets the grant type as Grant and then calls Consent policy. App A passes client id.

 

Step 2: The consent policy (default OTK policy) will redirect the page to App B (based on redirect uri)

 

Step 3: Now App B calls token policy by passing the code , client id and client secret. (App A is the master application and so knows the client id of App B when it initiates the authorization on step 1 above)

 

Step 4: App B gets the access token on step 3. In the next call, we want to take the access token from App B and return few parameters from SessionData created in step1 above. Could anyone please let me know on the correct cacheKey to be used to retrieve it ? The custom authorization policy has the same logic as the default authorize policy and then issues a grant on top of it. When creating the session store, cache key used is SessionID. But we don't have hold of sessionId on step4 and so want to retrieve the session based on access token.

 

Appreciate your help !

Outcomes