Hello, is there a way to verify external generated opaque access token in apigee.
yes, there are 2 ways.
For the former, the way you would do this is dependent upon the third-party system. You'd probably use a ServiceCallout policy to make that request.
For the latter, you can reference this doc page.
Hi, thanks for responding, Is there any example available for first approach, using any idp
I don't know of any example there. I suppose it will vary depending on the issuer of the token. You'd have to check the documentation of the token issuing party.
Is there any document to use ServiceCallout policy to get access token from external application