This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Is it possible to allow my API Clients do send me the access token either in Authorization header or in "access_token" query param, and make the OAuthV2 Policy look at one with is present to Verify the token?
You can use one assign message policy before verify token policy. In the assign message set the Authorization header to request.queryparam.access_token
For the assign message policy set a condition when request.queryparam.access_token not equals to null or empty string.
Ok, so, its not possible to OAuthV2 Policy look at access_token present information (either Authorizarion header or querypam), i have to make a workarround to make its possible, right?
LinkedIn
Twitter
