I'm trying to use an external access token in Apigee, but I get the following error code:
{"ErrorCode" : "invalid_client", "Error" :"Client identifier is required"}
I already have an APIkey verification policy in the flow. Should I do anything more to let the oauth policy know the client identifier?
This is my OAuth2 generate token xml:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <OAuthV2 async="false" continueOnError="false" enabled="true" name="generate-access-token"> <DisplayName>OAuth v2.0: Generate Token</DisplayName> <Properties/> <Attributes> <Attribute name="scope" ref="scope"/> <Attribute name="id_token" ref="id_token"/> </Attributes> <ExternalAuthorization>true</ExternalAuthorization> <ExternalAccessToken>access_token</ExternalAccessToken> <Operation>GenerateAccessToken</Operation> <SupportedGrantTypes> <GrantType>password</GrantType> <GrantType>authorization_code</GrantType> <!--<GrantType>refresh_token</GrantType>--> </SupportedGrantTypes> <GenerateResponse enabled="true"/> <Tokens/> <Tokens/> </OAuthV2>
APIkey verification:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <VerifyAPIKey async="false" continueOnError="false" enabled="true" name="verify-api-key"> <DisplayName>verify api key</DisplayName> <Properties/> <APIKey ref="request.header.apikey"/> </VerifyAPIKey>
Please follow the steps provided here. You need to provide the client info and the grant_type in the request (qp or form param).
You can provide the info using AssignMessage policy
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <AssignMessage name="set-external-auth-status"> <DisplayName>set-external-auth-status</DisplayName> <AssignTo createNew="true" type="request">request</AssignTo> <Set> <FormParams> <FormParam name="client_id">{request.header.apikey}</FormParam> <FormParam name="grant_type">{request.queryparam.grant_type}</FormParam> </FormParams> </Set> <AssignVariable> <Name>oauth_external_authorization_status</Name> <Value>true</Value> </AssignVariable> <IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables> </AssignMessage>
Hi @Friso Denijs - Were you able to get the external token to work by following the doc Sai recommended?
User | Count |
---|---|
1 | |
1 | |
1 | |
1 | |
1 |