When an OAuth token is part of the flow, one can retrieve information associated with the token, for example the application name or the developer id.
How can you retrieve the same values as part of a policy where client credentials have been provided (e.g. "Authorization: Base64-encoded{key:secret}")?
You can use the Access Entity policy to look up this and other types of information:
http://docs.apigee.com/api-services/reference/access-entity-policy
You could also just use a ValidateApiKey policy on the decoded client id. Would be worth trying both to see if there's a benefit to one over the other.
Thanks @Carlos Eberhardt. After reading through the docs for both approaches, I went with the `VerifyAPIKey` policy.
In case anyone does not realize it, the "API Key" is the "key" portion of your app's key/secret pair.
For those interested, this is what I did:
1. Upload base64.js as a script
2. New JS policy (with `<IncludeURL>jsc://base64.js</IncludeURL>`) that parses `Authorization` header for the encoded credentials, calls `Base64.decode` on them, and gets the API Key (section before the colon)
3. Save API key as variable (`apikey`) using `context.setVariable`
4. Add "VerifyAPIKey" policy, named "ApiKey" with `<APIKey ref="apikey"/>`
Subsequent policies now have access to the values associated with the key using the syntax:
`verifyapikey.ApiKey.{property}`
For example:
`verifyapikey.ApiKey.developer.email`
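
Steps 2 and 3 above as one JavaScript policy script, added here as an example and not the poster's own code. It assumes a small inline decoder in place of `base64.js` so that it is self-contained, and the function names are hypothetical. It sets `apikey` only when the header is a well-formed Basic credential.

```javascript
// Added example, not the poster's script. Plain ES5 so it runs under Rhino too.
var B64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

// Decode standard base64 to a byte string; returns null on any invalid input.
function decodeBase64(s) {
  if (!/^[A-Za-z0-9+\/]*={0,2}$/.test(s) || s.length % 4 !== 0) return null;
  var out = "", bits = 0, acc = 0;
  for (var i = 0; i < s.length && s.charAt(i) !== "="; i++) {
    acc = ((acc << 6) | B64.indexOf(s.charAt(i))) & 0xffff;
    bits += 6;
    if (bits >= 8) {
      bits -= 8;
      out += String.fromCharCode((acc >> bits) & 0xff);
    }
  }
  return out;
}

// Extract the API key (the part before the colon) from a Basic Authorization
// header value. Returns null for a missing header, another scheme, bad base64,
// or an empty key, so the caller never verifies a half-parsed value.
function apiKeyFromBasicHeader(header) {
  if (header === null || header === undefined) return null;
  var m = /^Basic +([^ ]+)$/i.exec(String(header).replace(/^\s+|\s+$/g, ""));
  if (!m) return null;
  var decoded = decodeBase64(m[1]);
  if (decoded === null) return null;
  // Split on the FIRST colon only: the secret itself may contain colons.
  var colon = decoded.indexOf(":");
  if (colon < 1) return null;
  return decoded.substring(0, colon);
}

// Inside an Apigee JavaScript policy `context` exists; elsewhere this is skipped.
if (typeof context !== "undefined") {
  var key = apiKeyFromBasicHeader(context.getVariable("request.header.authorization"));
  if (key !== null) context.setVariable("apikey", key);
}
```

Only the key is written to a flow variable; the decoded secret never leaves the function, which keeps it out of trace output.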
Glad you got it working as desired.
You could simplify (arguably) a bit further if you wanted by using the built-in Basic Authentication policy. Check out the "inbound decoding" example here: http://docs.apigee.com/api-services/reference/basic-authentication-policy