Layer7 API Management

  • 1.  OAuth 2.0 _ CA API as authorization server

    Posted Aug 23, 2018 03:56 PM

    Hi,

     

    I am working on Policy Manager 9.1 and OAuth Toolkit 3.4. I am trying to set up a policy where CA API works as the authorization server.

     

    I have made a policy to generate token which looks like below snip.

     

     

    And here are the values I am passing from Postman, but I am still not able to generate a token. I am not sure my approach is correct; can anyone guide me, if possible with a sample policy?



  • 2.  Re: OAuth 2.0 _ CA API as authorization server

    Posted Aug 23, 2018 06:48 PM

    Hello,

     

    I'm not sure if this is just for the screenshot example, but I noticed your client ID and client secret are the same values, which doesn't seem quite right. Is it possibly as simple as those fields containing the wrong values?

     

    If you can please include the full error you'd receive when you send the request, that will likely be quite helpful for us to narrow down what may be going on.



  • 3.  Re: OAuth 2.0 _ CA API as authorization server

    Broadcom Employee
    Posted Aug 24, 2018 02:06 AM

    Hello,

     

    How did you register your OAuth2 client in the OAuth Manager?
    Please confirm the values of "client_key" and "secret" by clicking "LIST KEYS" button on your client entry.

    "Client ID" and "Client Secret" can be passed as a part of query string in the token URL. For example:

     

    https://<API Gateway host:port>/auth/oauth/v2/token?grant_type=client_credentials&client_id=<client_key>&client_secret=<secret>

     

    This HTTP request must be sent by the POST method and "Content-Type: application/x-www-form-urlencoded" must be set in the request header.

     

    Cheers,
    Seiji



  • 4.  Re: OAuth 2.0 _ CA API as authorization server

    Posted Aug 24, 2018 07:23 AM

    Thanks Seiji & Dustin for the response.

    Please find the snip from OAuth manager list keys.

     

    Modified Access Token URL to send parameters with token URL and passed content type and Authorization in header with client secret.

     

     

    Snap from Postman console:

     

     

    My policy name is: OAuthtest. Snip from my policy; I have now disabled all parameters and header values in the policy.



  • 5.  Re: OAuth 2.0 _ CA API as authorization server

    Posted Aug 24, 2018 07:43 PM

    The error in your Postman call states "Missing or duplicate parameters". That implies to me that you are either missing a parameter, have a duplicated parameter, or further you could be misnaming a parameter or using the wrong method.

     

    Have you reviewed the expected OAuth call styles in the documentation? This may help point you in the right direction for formatting your request: OAuth Request Scenarios - CA API Management OAuth Toolkit - 4.3 - CA Technologies Documentation 
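
The request checks suggested in posts 3 and 5, as an added example that is not part of any post in this thread or of the CA toolkit: a small Python linter for a client_credentials token request, following RFC 6749 (no parameter more than once, one client authentication method per request). The host name, credential values and finding strings are constructed; the gateway's own validation logic is not shown in this thread.

```python
# Added example: lint an OAuth 2.0 client_credentials token request before sending it.
import base64
from urllib.parse import urlsplit, parse_qsl

CRED_PARAMS = {"client_id", "client_secret"}
FORM = "application/x-www-form-urlencoded"

def lint_token_request(method, url, headers, body=""):
    """Return a list of findings; an empty list means the request shape is fine."""
    findings = []
    hdrs = {k.lower(): v for k, v in headers.items()}
    if method.upper() != "POST":
        findings.append("method must be POST")
    if hdrs.get("content-type", "").split(";")[0].strip().lower() != FORM:
        findings.append("Content-Type must be " + FORM)
    # Parameters can arrive in the query string and in the form body; count both.
    query = parse_qsl(urlsplit(url).query, keep_blank_values=True)
    form = parse_qsl(body, keep_blank_values=True)
    names = [k for k, _ in query + form]
    for name in sorted(set(names)):
        if names.count(name) > 1:
            findings.append("duplicate parameter: " + name)
    if "grant_type" not in names:
        findings.append("missing parameter: grant_type")
    # Credentials may come from HTTP Basic or from parameters, not from both.
    basic = hdrs.get("authorization", "").lower().startswith("basic ")
    in_params = CRED_PARAMS & set(names)
    if basic and in_params:
        findings.append("client credentials sent in both Authorization header and parameters")
    elif not basic and in_params != CRED_PARAMS:
        findings.append("missing client credentials")
    if any(k == "client_secret" for k, _ in query):
        findings.append("client_secret in URL is exposed to access logs")
    return findings

# Constructed sample requests (hypothetical host and credentials).
TOKEN_URL = "https://gateway.example.com:8443/auth/oauth/v2/token"
PARAMS = "grant_type=client_credentials&client_id=constructed-key&client_secret=constructed-secret"
BASIC = "Basic " + base64.b64encode(b"constructed-key:constructed-secret").decode()

GOOD = ("POST", TOKEN_URL, {"Content-Type": FORM}, PARAMS)
# Parameters in the URL, repeated in the body, plus an Authorization header.
BAD = ("POST", TOKEN_URL + "?" + PARAMS,
       {"Content-Type": FORM, "Authorization": BASIC}, "grant_type=client_credentials")

if __name__ == "__main__":
    for label, req in (("good", GOOD), ("bad", BAD)):
        print(label, lint_token_request(*req))
```
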



  • 6.  Re: OAuth 2.0 _ CA API as authorization server

    Broadcom Employee
    Posted Dec 18, 2018 09:44 PM

    Good evening,

     

    Were you able to resolve the issue? What was the final result?

     

    Sincerely,


    Stephen Hughes
    Broadcom Support



  • 7.  Re: OAuth 2.0 _ CA API as authorization server

    Posted Dec 19, 2018 01:47 AM

    Hi Stephen,

     

    I could resolve the issue; I have recreated everything as per the suggestion and could generate the token.

     

    Regards,

    Tarunraj



  • 8.  Re: OAuth 2.0 _ CA API as authorization server

    Posted Feb 06, 2019 04:31 PM

    Hi Tarunraj,

     

    Is there any way that you could post or send me a template of how you made/set the API Gateway as an Authorization Server? I am trying to do the same and tried to follow your same layout from the content above. I am just unsure of the workflow of a policy etc to construct that?