Layer7 API Management

  • Private Community

  • 1.  Apply OAuth 2.0 Client Credentials on SOAP service

    Posted Feb 07, 2018 08:42 PM

    Is it possible to apply OAuth 2.0 Client Credentials grant type on an existing SOAP service? If it is possible, what are the assertions to be used and how to pass the auth_token from SOAPUI? I tried sending the details in the Header as explained below, but it does NOT work for SOAP.

     

    Client: SOAP UI:

    Header: Authorization

    Value: Bearer <auth token>

     

    Policy Manager (Policy Config):

    1) Assertion: "OTK Require OAuth 2.0 Token" (with scope string, cache 3600, false, false and access token left empty)

    2) Assertion:"Return Template Response to Requestor"

     

    Versions:

    OTK : 4.1

    API Gateway: 9.2

     

    Note: same policy config works for a REST endpoint.



  • 2.  Re: Apply OAuth 2.0 Client Credentials on SOAP service

    Broadcom Employee
    Posted Feb 08, 2018 03:55 PM

    Hello there.

     

    I'm not sure I understood your question right. Are you having issues to get an access_token from SOAPUi or to actually call an OAuth protected API injecting the token within the header?

     

    See if this could possibly help you with something: Register a new OAuth Client and Key via REST (Clientstore API) using SoapUI 

     

    Regards,

     

    --

    ac



  • 3.  Re: Apply OAuth 2.0 Client Credentials on SOAP service

    Posted Feb 13, 2018 03:20 AM

    I am able to generate access_token from SOAPUI, and able to successfully test OAuth protected REST API using that token, but  OAuth protected SOAP API doesn't work.



  • 4.  Re: Apply OAuth 2.0 Client Credentials on SOAP service

    Broadcom Employee
    Posted Feb 09, 2018 12:23 AM

    Dear ramya.behra,

    I done a quick test, "OTK Require OAuth 2.0 Token" is working fine against soap service,

    my test policy,

    my test result,

     

    Regards,

    Mark



  • 5.  Re: Apply OAuth 2.0 Client Credentials on SOAP service

    Posted Feb 13, 2018 03:22 AM

    Hi Mark,

     

    Thank you for the response.

    In fact I had the same setting in SOAP UI, but doesn't work for me. I will give it another go tomorrow.

    Which SOAPUI version are you using?

     

    Client: SOAP UI:

    Header: Authorization

    Value: Bearer <access token>

     

    Thanks,

    Ramya



  • 6.  Re: Apply OAuth 2.0 Client Credentials on SOAP service

    Broadcom Employee
    Posted Feb 13, 2018 04:53 PM

    How did you generate the access token? -- from your comment, it seems you generate access_token from SOAPUI?

     

    The access token must be a valid access token generated by OTK. I used oauth test client to generate the access token.

    (if you installed oauth test clients, you can access test client with url https://<your gateway>:8443/oauth/v2/client/authcode )

    You can use any valid oauth client to generate access token by authorizing against OTK.

     

    SOAPUI version doesn't matter, it's just a client to send request to gateway.



  • 7.  Re: Apply OAuth 2.0 Client Credentials on SOAP service
    Best Answer

    Posted Feb 21, 2018 04:02 AM

    It was my bad, I didn't provide the port no (8443) in SOAP UI when establishing connection to the API gateway. OAuth 2.0 Client credentials worked for SOAP API as well. Thanks.