This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

How to get Product environment from request OauthV2 Credentails

Posted on 08-07-2023 06:56 AM
vysyarajusantos
Bronze 5
Bronze 5
Reply posted on --/--/---- --:-- AM

Hello folks,

How to know the API product details(name and environment) when I receive a request to generate Access Token? We know below details when we receive request but I would like to know the product details associated with the credentials. Could you please someone help me?

  1. apigee.developer.app.name
  2. apigee.developer.email
  3. apigee.developer.id 

 

Solved Solved
1 3 148
Topic Labels
Jump to Solution
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
dchiesa1
Staff
Reply posted on --/--/---- --:-- AM

You can gain access to such information within the API Proxy, using the AccessEntity policy. It will retrieve information based on the client_id. 

Example configuration

<AccessEntity name='AE-Developer-From-ClientID'>
  <EntityType value='developer' />
  <!-- 
    The thing referenced by the ref attribute must be the name of 
    a context variable containing a client ID (aka consumer key).
  -->
  <EntityIdentifier type='consumerkey' ref='client_id' />
</AccessEntity>

This documentation shows the data you get back from that policy.  It will get information about the developer, but not the app !

If you want information on the app, such as the app name, then you need a different AccessEntity policy. 

<AccessEntity name='AE-App-From-ClientID'>
  <EntityType value='app' />
  <EntityIdentifier type='consumerkey' ref='client_id' />
</AccessEntity>

This documentation shows what you get from that. It includes the app name. 

Why do you want this stuff?  Why is it important to know that stuff, before you issue the token? You get that information implicitly AFTER the token has been generated. So it seems ... unnecessary to explicitly query it, before you try to issue a token. 

View solution in original post

Jump to Solution
3 REPLIES 3

Posted on --/--/---- --:-- AM
dchiesa1
Staff
Reply posted on --/--/---- --:-- AM

You can gain access to such information within the API Proxy, using the AccessEntity policy. It will retrieve information based on the client_id. 

Example configuration

<AccessEntity name='AE-Developer-From-ClientID'>
  <EntityType value='developer' />
  <!-- 
    The thing referenced by the ref attribute must be the name of 
    a context variable containing a client ID (aka consumer key).
  -->
  <EntityIdentifier type='consumerkey' ref='client_id' />
</AccessEntity>

This documentation shows the data you get back from that policy.  It will get information about the developer, but not the app !

If you want information on the app, such as the app name, then you need a different AccessEntity policy. 

<AccessEntity name='AE-App-From-ClientID'>
  <EntityType value='app' />
  <EntityIdentifier type='consumerkey' ref='client_id' />
</AccessEntity>

This documentation shows what you get from that. It includes the app name. 

Why do you want this stuff?  Why is it important to know that stuff, before you issue the token? You get that information implicitly AFTER the token has been generated. So it seems ... unnecessary to explicitly query it, before you try to issue a token. 

Jump to Solution

Posted on --/--/---- --:-- AM
vysyarajusantos
Bronze 5
Bronze 5
Reply posted on --/--/---- --:-- AM

We deployed accesstoken as a separate API Proxy which generates accesstoken for multiple API proxies and we have 3 different environments for all of our applications. I would like to throw an error if i receive a request to qa loadbalancer url, qa accesstoken api proxy with dev credentials.

As accesstoken api proxy is common for multiple environments and multiple api proxies, I had to keep same accesstoken under "dev product" and "qa product". It generates access token even if we send cross environment credentials.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
dchiesa1
Staff
In response to vysyarajusantos
Reply posted on --/--/---- --:-- AM

I see.  OK that makes sense to me.

Jump to Solution
0 Likes
Top Solution Authors
View all