Hi Dustin,
The flow looks a bit more like this:
Client (Body1) > Gateway Service 1 (Body2) > OAuth Token Issuer/IdP > Gateway Service 1 (Body1+Token) > URL Endpoint > Client
Here are samples of what the body would look like:
Body1 =
{
  "name": "Experian",
  "city": "somewhere",
  "state": "CA",
  "subcode": "#####",
  "street": "something",
  "zip": "azipcode",
  "phone": "########",
  "taxId": "######",
  "geo": true,
  "comments": "testing",
  "modelCode": "000224",
  "matchReliabilityCode": 83,
  "commercialScore": true,
  "fsrScore": true
}
Body2 = "Username, Password, Client ID, and Client Secret"
1. The client will send a POST request with (Body1) to the gateway service.
2. The gateway service will then need to initiate a call to the IdP for a token using (Body2) because the IdP is expecting that specific format of the body.
3. When it gets the token and comes back to the gateway, the service will then need to route to the URL Endpoint using the OAuth token in the Authorization header, and the body would have to be (Body1).
- The OAuth Token IdP is looking for a "Username, Password, Client ID, and Client Secret" in the BODY.
- The URL Endpoint is looking for the OAuth Token in the header, and the Body from the initial call to the gateway from the client (Body1).
I hope this makes it more clear.
Thanks for your help, I appreciate it!
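
The three steps above as a gateway-side sketch, added here as an example and not part of the original post or any gateway product's own code. The URLs, credential values, form encoding, `grant_type=password` and the `access_token` response field are assumptions; the transport is a constructed stand-in so the flow runs offline.

```python
import json
from urllib.parse import urlencode

IDP_URL = "https://idp.example/token"        # placeholder, not from the post
ENDPOINT_URL = "https://api.example/search"  # placeholder, not from the post

def token_request(creds):
    # Step 2: only Body2 goes to the IdP. Form encoding, grant_type=password
    # and these field names are assumptions (OAuth 2.0 password grant).
    body = urlencode({"grant_type": "password", **creds}).encode()
    return "POST", IDP_URL, {"Content-Type": "application/x-www-form-urlencoded"}, body

def backend_request(body1, token):
    # Step 3: Body1 is forwarded byte-for-byte; the gateway sets Authorization
    # itself and copies no auth header from the client.
    headers = {"Content-Type": "application/json", "Authorization": "Bearer " + token}
    return "POST", ENDPOINT_URL, headers, body1

def handle(body1, creds, send):
    """send(method, url, headers, body) -> (status, body_bytes) is the transport."""
    try:
        json.loads(body1)                      # reject junk before calling the IdP
    except ValueError:
        return 400, b'{"error":"invalid JSON"}'
    status, resp = send(*token_request(creds))
    if status != 200:                          # fail closed: Body1 is never forwarded
        return 502, b'{"error":"token request failed"}'
    token = json.loads(resp)["access_token"]
    return send(*backend_request(body1, token))

def demo(idp_status=200):
    # Constructed stand-ins for the IdP and the URL endpoint; calls are recorded.
    calls = []
    def send(method, url, headers, body):
        calls.append((url, headers, body))
        if url == IDP_URL:
            return idp_status, b'{"access_token":"tok-123","token_type":"Bearer"}'
        return 200, b'{"result":"ok"}'
    creds = {"username": "svc-user", "password": "example-pw",
             "client_id": "example-id", "client_secret": "example-secret"}
    body1 = b'{"name": "Experian", "state": "CA", "geo": true}'
    return handle(body1, creds, send), calls
```

The credentials live only in the gateway's configuration and reach only the IdP; the endpoint sees Body1 and the bearer token, and the client sees neither the credentials nor the token.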