Solved: Defining global variables / keys - access token an...

Report Inappropriate Content · 09-20-2015 02:16 AM

Hi

I built my first API console but in each API method I needed to include these 2 authentication keys:

access_token and customer ID.

For example:

https://{munchkinId}.mktorest.com/?<access_token>;

This requires the user to insert these 2 keys every time he switches API method.

I am wondering what will be the easiest way to allow users to insert these keys only once?

Thanks!

akoo

Hi Yanir,

Assuming the customer ID doesn't need to change with the access token, a good approach to your concern is to use custom attributes and attach them to access tokens. Documentation on doing that can be found here. The idea is that, through this way, only the access token needs to be passed in with API calls. Then upon using VerifyAccessToken (or getOAuthV2Info policy) Apigee Edge will extract the customer ID.

After VerifyAccessToken, the custom attribute can be accessed via accesstoken.{custom_attribute}. After getOauthV2Infopolicy, the custom attribute can be access via oauthv2accesstoken.{policy_name}.accesstoken.{custom_attribute_name}.

View solution in original post

birute

@Marsh Gardiner is this something you can help or know who could?

akoo

Hi Yanir,

Assuming the customer ID doesn't need to change with the access token, a good approach to your concern is to use custom attributes and attach them to access tokens. Documentation on doing that can be found here. The idea is that, through this way, only the access token needs to be passed in with API calls. Then upon using VerifyAccessToken (or getOAuthV2Info policy) Apigee Edge will extract the customer ID.

After VerifyAccessToken, the custom attribute can be accessed via accesstoken.{custom_attribute}. After getOauthV2Infopolicy, the custom attribute can be access via oauthv2accesstoken.{policy_name}.accesstoken.{custom_attribute_name}.

Defining global variables / keys - access token and customer ID