Defining global variables / keys - access token and customer ID
Hi
I built my first API console but in each API method I needed to include these 2 authentication keys:
access_token and customer ID.
For example:
https://{munchkinId}.mktorest.com/? >
This requires the user to insert these 2 keys every time he switches API method.
I am wondering what will be the easiest way to allow users to insert these keys only once?
Thanks!
@Marsh Gardiner is this something you can help or know who could?
Best Answer
Answer by Alex Koo
·
Sep 21, 2015 at 12:58 AM
Hi Yanir,
Assuming the customer ID doesn't need to change with the access token, a good approach to your concern is to use custom attributes and attach them to access tokens. Documentation on doing that can be found here. The idea is that, through this way, only the access token needs to be passed in with API calls. Then upon using VerifyAccessToken (or getOAuthV2Info policy) Apigee Edge will extract the customer ID.
After VerifyAccessToken, the custom attribute can be accessed via accesstoken.{custom_attribute}. After getOauthV2Infopolicy, the custom attribute can be access via oauthv2accesstoken.{policy_name}.accesstoken.{custom_attribute_name}.
