Message Image

Skip main navigation (Press Enter).

Layer7 API Management

Back to discussions

Expand all | Collapse all

Assertion to check Access Token

Jump to Best Answer

deactivated userJan 11, 2018 09:43 AM

Hi, I want to know if there's an assertion (Gateway 9.2) which can check the access token generated ...

Joe DascoleJan 12, 2018 11:12 AMBest Answer

Hi XiaoningSUN82376054 , The assertion 'OTK Require OAuth 2.0 Token' can be used lookup and validate ...

1. Assertion to check Access Token

0 Recommend
deactivated user
Posted Jan 11, 2018 09:43 AM

Reply Reply Privately
Hi,
I want to know if there's an assertion (Gateway 9.2) which can check the access token generated by an authorization server (OTK or not OTK). The check includes the presence and encyption of access token.
Kind Regards
2. Re: Assertion to check Access Token
Best Answer

1 Recommend
Broadcom Employee

Joe Dascole
Posted Jan 12, 2018 11:12 AM

Reply Reply Privately
Hi XiaoningSUN82376054,

The assertion 'OTK Require OAuth 2.0 Token' can be used lookup and validate a token generated by the OTK. The tokens are not encrypted. For tokens issued by an external authorization server it is likely best to utilize their introspection endpoint (if implemented).

Secure an API Endpoint with OAuth 2.0 - CA API Management OAuth Toolkit - 4.2 - CA Technologies Documentation

Regards,
Joe

Copyright 2023. All rights reserved.

Powered by Higher Logic