Hi,
I have a requirement where i need to pass Bear token to subsequent call. I implemented the solution but looking for better solution from experts.
The solution which i implemented is to get Bear token, i used SC policy and hardcoded username, password and grant_type then extracted token from response payload.
then used AM and set the Authorization header and sending the payload to target endpoint.
This solution is working fine at this moment. Please suggest me if there is any better way to achieve the requirement.
Solved! Go to Solution.
First thing, there is a difference between a Bear and a Bearer Token. The former is a large omnivorous mammal, and the latter is an object that you can use within the OAuth2.x API authorization framework.
OK, just kidding around.
What you're doing is fine - a ServiceCallout to send credentials to an endpoint, and then ExtractVariables to extract the token from the response, and then an AssignMessage to embed the access token into the outbound request. A suggestion for improvement (you may have already considered this): use caching of the access token so that you don't obtain a new token for every outbound request. The sequence will be
Last thing. I have said this repeatedly in many places, but I'll say it again here. This line within an AssignMessage does nothing:
<AssignTo createNew='false' transport='http' type='request'/>
I suggest that you remove it.
If you run your API proxy bundle through Apigeelint, it will give you a warning about this.
Hi Dino,
yeah, I have not realized. its a Bearer token. I am trying to implement caching. few thinks are not clear for me from the APIGEE documentation regarding <Cachekey>, <KeyFragment>
and what value goes under <CacheResource>. looks like i am caching complete response from SC. is it possible to cache only access_token from response json?
currently i am passing extracted value to <KeyFragment>access_token</KeyFragment> under lookup and populate cache.
You can omit the CacheResource element.
Here's an example of "wrapping a cache" around a token retrieved with ServiceCallout.
First thing, there is a difference between a Bear and a Bearer Token. The former is a large omnivorous mammal, and the latter is an object that you can use within the OAuth2.x API authorization framework.
OK, just kidding around.
What you're doing is fine - a ServiceCallout to send credentials to an endpoint, and then ExtractVariables to extract the token from the response, and then an AssignMessage to embed the access token into the outbound request. A suggestion for improvement (you may have already considered this): use caching of the access token so that you don't obtain a new token for every outbound request. The sequence will be
Last thing. I have said this repeatedly in many places, but I'll say it again here. This line within an AssignMessage does nothing:
<AssignTo createNew='false' transport='http' type='request'/>
I suggest that you remove it.
If you run your API proxy bundle through Apigeelint, it will give you a warning about this.
Hi Dino,
yeah, I have not realized. its a Bearer token. I am trying to implement caching. few thinks are not clear for me from the APIGEE documentation regarding <Cachekey>, <KeyFragment>
and what value goes under <CacheResource>. looks like i am caching complete response from SC. is it possible to cache only access_token from response json?
currently i am passing extracted value to <KeyFragment>access_token</KeyFragment> under lookup and populate cache.
You can omit the CacheResource element.
Here's an example of "wrapping a cache" around a token retrieved with ServiceCallout.
Hi Dino,
I gone through the video's which you shared in youtube and implemented cache. I am testing it. Will let you know the results.