Hi All,

In last few weeks I was facing issue to configure third party oauth-authorization_code grant type in Apigee. The document specifies about client_credentials  grant type, that works as expected. But the same doesn't work for authorization_code grant type. After multiple researches I finally found the solution. I share the process here for others.

For authorization_code grnat type there are two phases.

1. phase one is storing the code in Apigee. You need to use one flow which will store code in Apigee and this will use oauth 2.0 generate authorization code policy with third party oauth true and also the oauth_external_authorization_status variable true before policy.

2. In second phase you need to store the access token and refresh token, in the same way as phase one, but with generate access token oauth 2 policy.

Note: You need to send the client_id in formparam to both the oauth policies as mandatory parameters and this client_id will be of Apigee not of 3rd party.

ref: https://github.com/ajitavorg/apigee-3rd-party-authorization-code-grant