Does Apigee support custom OAuth2 flows?

Hi,

I am relatively new to Apigee.

My need is to build a custom OAuth2.0 flow.

Here is the Happy path flow:

1. Present login screen to users

2. Authenticate users through particular backend service

3. Generate auth code

4. Generate access and refresh token using auth code.

Could anyone please suggest or direct me to a link where I can find a solution for this requirement?

1 ACCEPTED SOLUTION

Hi @Desh Gupta,

If you are working from the example given by @Dino, then check the policy AM-RedirectToLoginApp.xml; in that file they are writing the login page URL.

You can have a look at the docs and example below:

https://docs.apigee.com/api-platform/security/oauth/oauth-v2-policy-authorization-code-grant-type

https://github.com/apigee/api-platform-samples/tree/master/sample-proxies/oauth-advanced

First understand the whole flow and the steps used. Try to follow the given steps in the git example, upload the proxy, debug it and understand the whole flow, and later make the required changes for your requirement.

If you still have any doubts, feel free to get back to me, as I have done authorization-code custom and third-party integration.

Thanks,

Sartaj Sisodiya

Hi - Apigee Edge supports OAuthV2, including all of the grant types specified in RFC 6749 - password, client credentials, implicit, and authorization code.

You can build token dispensers for any of those flows using Apigee Edge.

Your description seems to be of an authorization code flow. This isn't "custom". I don't see how the flow you are describing is different than a standard Authorization Code flow as described in RFC 6749. Is it different?

If you want auth code flow, check this out. It's a hands-on exercise that allows you to deploy your own 3-legged (Authorization code) flow into Apigee Edge. It's a DEMONSTRATION, so of course it's not ready for production use. But using that exercise, you can get to know what's possible.

Make sure you really understand the different flows and whether you need password grant or authorization code flow. If you want password grant, there is a similar hands-on exercise here.
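Steps 3 and 4 of the flow in the question, as an added configuration sketch that is not part of the thread or of the linked samples: two Apigee OAuthV2 policies, one issuing the authorization code and one exchanging it for access and refresh tokens. The policy names and expiry values are assumptions; each policy goes in its own file.

```xml
<!-- Added example. File 1 (hypothetical name): OAuthV2-GenerateAuthCode.xml
     Attach to the proxy flow that the login app calls once the backend
     service has authenticated the user (steps 1-3 in the question). -->
<OAuthV2 name="OAuthV2-GenerateAuthCode">
  <Operation>GenerateAuthorizationCode</Operation>
  <!-- Milliseconds. A short-lived code limits the replay window;
       60 s is an assumed value, not a recommendation from the thread. -->
  <ExpiresIn>60000</ExpiresIn>
  <!-- Flow variables the policy reads from the authorization request. -->
  <ClientId>request.queryparam.client_id</ClientId>
  <ResponseType>request.queryparam.response_type</ResponseType>
  <RedirectUri>request.queryparam.redirect_uri</RedirectUri>
  <Scope>request.queryparam.scope</Scope>
  <!-- Client-supplied value used to tie the response to its request. -->
  <State>request.queryparam.state</State>
  <GenerateResponse enabled="true"/>
</OAuthV2>

<!-- File 2 (hypothetical name): OAuthV2-GenerateAccessToken.xml
     Attach to the token endpoint flow (step 4 in the question). -->
<OAuthV2 name="OAuthV2-GenerateAccessToken">
  <Operation>GenerateAccessToken</Operation>
  <!-- Assumed lifetimes in milliseconds: 30 min access, 8 h refresh. -->
  <ExpiresIn>1800000</ExpiresIn>
  <RefreshTokenExpiresIn>28800000</RefreshTokenExpiresIn>
  <!-- List only the grant this endpoint is meant to serve, so requests
       using other grant types are rejected here. -->
  <SupportedGrantTypes>
    <GrantType>authorization_code</GrantType>
  </SupportedGrantTypes>
  <GrantType>request.formparam.grant_type</GrantType>
  <Code>request.formparam.code</Code>
  <RedirectUri>request.formparam.redirect_uri</RedirectUri>
  <GenerateResponse enabled="true"/>
</OAuthV2>
```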

Thanks for reply. Yes, I was looking for Auth code flow.

Hi Dino, thanks for the response. Can you please help me with how I can get my own custom login screen instead of the default one? Can you please provide some pointers for that?

Thanks Sartaj. I appreciate it.