Pin based oAuth


Does Apigee do pin based oAuth right out of the box? For example see https://dev.twitter.com/oauth/pin-based

If not right out of the box, how can I implement this using Edge?

1 REPLY

Dear @Shruti Majithia ,

Great question, welcome to the Apigee Community 🙂

AFAIK, you will have all the control to implement the same. You need to implement the same in your OAuth login app.

  • You can take an additional parameter in the Auth Code request to determine pin based oAuth.
  • Generate Auth Code 2.0 using the OAuth 2.0 policy and modify the response based on the above additional parameter.
  • Based on the response, instead of redirecting in your login app, you display the Auth Code in the browser itself. Apigee can generate the auth code using OAuth 2.0 "GenerateAuthorizationCode"; once it's generated, you can modify the response sent to the login app based on the oAuth type and use the same logic either to display it on screen or redirect back to the application.

At the end of the day, it's all APIs: generating the Auth Code, getting the Access Token from the Auth Code. You can modify your client logic however you would like. Instead of redirecting to the callback URL, you will display the same on screen in your login app.
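
The login-app branch described in the reply above, sketched as an added example (not part of the original reply and not Apigee's own code). The function names, the client record shape and the `oob` marker are assumptions; `code` stands for the value returned by the GenerateAuthorizationCode step.

```javascript
// Added example: login-app step that delivers the authorization code either
// as an on-screen PIN or as a redirect. All names are hypothetical.
const OOB = "oob"; // assumed marker meaning "no callback, show the code as a PIN"

function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, c => ({
    "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;"
  }[c]));
}

// client:  { registeredCallback } as stored for the app (assumed shape)
// request: { redirectUri, state } as sent on the auth code request
// code:    value produced by the GenerateAuthorizationCode step
function deliverAuthCode(client, request, code) {
  const noStore = { "Cache-Control": "no-store", "Pragma": "no-cache" };

  if (request.redirectUri === OOB) {
    // Only clients registered for PIN display may ask for it; otherwise a
    // web client's code could be shown on screen instead of sent to its callback.
    if (client.registeredCallback !== OOB) {
      return { status: 400, headers: noStore, body: "invalid redirect_uri" };
    }
    return {
      status: 200,
      headers: {
        ...noStore,
        "Content-Type": "text/html; charset=utf-8",
        "Referrer-Policy": "no-referrer", // keep the page URL out of Referer
        "X-Frame-Options": "DENY"         // the PIN page must not be framed
      },
      // The code goes in the page body only, never in the URL, and is escaped.
      body: `<p>Enter this code in the application:</p><code>${escapeHtml(code)}</code>`
    };
  }

  // Normal flow: exact match against the registered callback, then redirect.
  if (request.redirectUri !== client.registeredCallback) {
    return { status: 400, headers: noStore, body: "invalid redirect_uri" };
  }
  const target = new URL(client.registeredCallback);
  target.searchParams.set("code", code);
  if (request.state) target.searchParams.set("state", request.state);
  return { status: 302, headers: { ...noStore, Location: target.toString() }, body: "" };
}
```

The displayed code is still exchanged for an access token in the usual way, so it should stay short-lived and single-use.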