This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Validate Client id and Secret without using Oauth

Posted on 08-19-2020 10:51 PM
chaudharyvaisha
New Member
Reply posted on --/--/---- --:-- AM

Hi All,

Is there any way that I can validate both client id and secret without using oauth or fetching access token first.

My requirement is using client id and secret to hit the api proxy directly not hitting oauth endpoint tand hitting api proxy endpoint with access token.

If there is any way please guide the policy or process to be used.

Same way belvo.co and plaid.com apis are implemented. But not able to identify how to achieve this is APIGEE.

1 2 234
Topic Labels
2 REPLIES 2

Posted on --/--/---- --:-- AM
Not applicable
Reply posted on --/--/---- --:-- AM

Yes, you can do api key validation and then validate the secret in the next policy which will be available in the flow and you can match against the secret you sent in the request.

You can use a raise-fault with the condition if doesn't match.

Posted on --/--/---- --:-- AM
chaudharyvaisha
New Member
In response to
Reply posted on --/--/---- --:-- AM

Yeah, thanks I was able to achieve it in the same way.

0 Likes