{ Community }
  • Academy
  • Docs
  • Developers
  • Resources
    • Community Articles
    • Apigee on GitHub
    • Code Samples
    • Videos & eBooks
    • Accelerator Methodology
  • Support
  • Ask a Question
  • Spaces
    • Product Announcements
    • General
    • Edge/API Management
    • Developer Portal (Drupal-based)
    • Developer Portal (Integrated)
    • API Design
    • APIM on Istio
    • Extensions
    • Business of APIs
    • Academy/Certification
    • Analytics
    • Events
    • Hybrid
    • Integration (AWS, PCF, Etc.)
    • Microgateway
    • Monetization
    • Private Cloud Deployment
    • Insights
    • IoT Apigee Link
    • BaaS/Usergrid
    • BaaS Transition/Migration
    • Apigee-127
    • New Customers
    • Topics
    • Questions
    • Articles
    • Ideas
    • Leaderboard
    • Badges
  • Log in
  • Sign up

Get answers, ideas, and support from the Apigee Community

  • Home /
  • Edge/API Management /
avatar image
0
Question by Virgo · Aug 22, 2016 at 07:08 AM · 295 Views oauth 2.0client identifier

Pass client identifier to micro service

We have an existing micro service. It takes a caller identifier as an input for reporting purpose. We are writing API to expose this service to all. We are using OAuth 2.0 so that clients can use self service mechanism & do not actually need core micro service owner for on-boarding purpose. Saying that, our micro service provider needs to keep track who has called it's APIs so it need that client identifier to be passed to micro service.

I am looking for options to find out how an I implement it. My rough idea is that

Client would register to get it's API KEY. Use the API KEY to get OAuth token. Then use OAuth token to make actual API call. There is a policy (or more) applied which would retrieve client id or name and would append it as query parameter while making the backend call.

I am not sure what tools I need to use.

Comment
Add comment
10 |5000 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by Apigeeks only
  • Viewable by the original poster
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Close

2 Answers

  • Sort: 
avatar image
0
Best Answer

Answer by Virgo · Aug 24, 2016 at 12:08 AM

What I have used is

Proxy Pre-Flow: "Get OAuth v2.0" Policy to set certain variables.

Then used "Assign Message" policy to set query parameter using those variables. One of the variable is "apigee.developer.app.name" which provides the relevant app name. I passed this app name to back end.

here is Get OAuth 2.0 Policy

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<GetOAuthV2Info async="false" continueOnError="false" enabled="false" name="Get-OAuth-v20-Info-1">
    <DisplayName>Get OAuth v2.0 Info-1</DisplayName>
    <AccessToken ref="apigee.access_token"/>
</GetOAuthV2Info>

Here is AssignMessage Policy

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<AssignMessage async="false" continueOnError="false" enabled="false" name="AssignMessage-SetVariable">
    <DisplayName>AssignMessage-SetVariable</DisplayName>
    <Properties/>
    <Add>
        <Headers/>
        <QueryParams>
            <QueryParam name="myQueryVar">{apigee.developer.app.name}</QueryParam>
        </QueryParams>
        <FormParams/>
    </Add>
    <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables>
    <AssignTo createNew="false" transport="http" type="request"/>
</AssignMessage>
Comment
Add comment · Link
10 |5000 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by Apigeeks only
  • Viewable by the original poster
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users
avatar image
0

Answer by davissean   · Aug 22, 2016 at 04:53 PM

Hi Ashwani,

If you are using OAuth 2, then you can already identify the client from the access token.

When you use the OAuthV2 policy, some context variables are populated. If I remember correctly, you have developer.app.name or client_id (You can check these in the Trace view). Either of these can be used to identify your client, and set the query parameter as you suggested.

1) Verify Access Token using OAuthV2 Policy

2) Set query parameter using AssignMessage policy:

<AssignMessage name="AssignMessage">
  <AssignTo createNew="false" type="request">myRequest</AssignTo>
  <Set>
    <QueryParams>
      <QueryParam name="clientId">{client_id}</QueryParam>
    </QueryParams>
    <Verb>GET</Verb>
  </Set>
  <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables>
</AssignMessage>

How does that sound?

Comment
Add comment Show 2 · Link
10 |5000 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by Apigeeks only
  • Viewable by the original poster
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users
avatar image davissean ♦   · Aug 22, 2016 at 04:54 PM 0
Link

If you aren't using OAuth2, only then do you need to add API Keys.

avatar image Virgo davissean ♦ · Aug 23, 2016 at 11:59 PM 0
Link

Need API KEY/Client Credentials to retrieve OAuth token.

Follow this Question

Answers Answers and Comments

52 People are following this question.

avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image

Related Questions

Client Identifier with OAuth External Authorization 4 Answers

A few questions for setting up OAuth 2.0 for the first time 1 Answer

OAuth GenerateAuthorizationCode redirect with urn not working 3 Answers

I cant find radio button "Secure with OAuth v2.0 Access Tokens" radio button 2 Answers

ApiKey from OAuth for use in Separate Proxy with Simple Verify API Key policy 1 Answer

  • Products
    • Edge - APIs
    • Insights - Big Data
    • Plans
  • Developers
    • Overview
    • Documentation
  • Resources
    • Overview
    • Blog
    • Apigee Institute
    • Academy
    • Documentation
  • Company
    • Overview
    • Press
    • Customers
    • Partners
    • Team
    • Events
    • Careers
    • Contact Us
  • Support
    • Support Overview
    • Documentation
    • Status
    • Edge Support Portal
    • Privacy Policy
    • Terms & Conditions
© 2019 Apigee Corp. All rights reserved. - Apigee Community Terms of Use - Powered by AnswerHub
  • Anonymous
  • Sign in
  • Create
  • Ask a question
  • Create an article
  • Post an idea
  • Spaces
  • Product Announcements
  • General
  • Edge/API Management
  • Developer Portal (Drupal-based)
  • Developer Portal (Integrated)
  • API Design
  • APIM on Istio
  • Extensions
  • Business of APIs
  • Academy/Certification
  • Analytics
  • Events
  • Hybrid
  • Integration (AWS, PCF, Etc.)
  • Microgateway
  • Monetization
  • Private Cloud Deployment
  • Insights
  • IoT Apigee Link
  • BaaS/Usergrid
  • BaaS Transition/Migration
  • Apigee-127
  • New Customers
  • Explore
  • Topics
  • Questions
  • Articles
  • Ideas
  • Members
  • Badges