This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Implicit Grant: Generate Access token on console

Posted on 11-03-2016 12:59 PM
Not applicable
Reply posted on --/--/---- --:-- AM

Hi,

I implemented Implicit grant, but is is generating access token only in Apigee Edge Trace, not in console using curl command:

curl -X POST -H 'Content-Type: application/x-www-form-urlencoded' 'https://org_name-test.apigee.net/oauth/implicit?response_type=token&client_id=xxxxxxxx&redirect_uri=http://callback-example.com' -H 'Content-Length: 0'

I have:

<OAuthV2 name="GenerateAccessTokenImplicit">
    <Operation>GenerateAccessTokenImplicitGrant</Operation>
    <GenerateResponse enabled="true"/>
</OAuthV2

In Trace i can see the token:

http://callback-example.com#scope=&expires_in=1799&access_token=xxxxxxxxx

Is there a way to see the token value in console when i call from my command line?

Thanks,

Kumud

0 4 783
Topic Labels
0 Likes
4 REPLIES 4

Posted on --/--/---- --:-- AM
nmallesh
New Member
Reply posted on --/--/---- --:-- AM

Hi @Kumud Gautam,

Kindly look for Location header in the response for redirectUri and the appended access token.


With <GenerateResponse> enabled, the policy returns a 302 Location redirect in the response header. The redirect points to the URL specified in the redirectUri parameter and is appended with the access token and token expiration time. Note that the implicit grant type does not support refresh tokens.

https://callback-example.com#expires_in=1799&access_token=In4dKm4ueoGZRbIYJhC9yZCmTFw5

If <GenerateResponse> is set to false, the policy does not return a response. Instead, it populates the following set of flow variables with data pertaining to the access token grant. (In your case, for instance)

oauthv2accesstoken.GenerateAccessTokenImplicit.access_token 	
oauthv2accesstoken.GenerateAccessTokenImplicit.expires_in

Refer : Implementing Implicit Oauth Grant Type for more details.

Hope this helps, thank you.

Posted on --/--/---- --:-- AM
kumudgautam-1
New Member
In response to nmallesh
Reply posted on --/--/---- --:-- AM

@Nisha Mallesh

Thanks for the reply.

I agree with you, If <GenerateResponse> is set to false i get a 200 OK and i see the access token value in Apigee trace as below:

apigee.access_token : xxxxxxxxxx

But I want to see the access token value in my Console when i run my curl command or through POSTMAN client. I cannot go back to Apigee trace to get the value of access token every time i use implicit grant.

Is there a way to generate the access token on the console or using Postman for Implicit grant?

Please suggest.

Thanks,

Kumud

0 Likes

Posted on --/--/---- --:-- AM
aswinsegu
Bronze 1
Bronze 1
In response to kumudgautam-1
Reply posted on --/--/---- --:-- AM

You can make use of Assign Message Policy that can give you back the following variables as a part of response body after the Access token is generated

oauthv2accesstoken.GenerateAccessTokenImplicit.access_token 	
oauthv2accesstoken.GenerateAccessTokenImplicit.expires_in
0 Likes

Posted on --/--/---- --:-- AM
akoo
New Member
Reply posted on --/--/---- --:-- AM

Please ensure that whatever client you are using to see the response that you can see the full 302 response. When using cURL, this means you will want to use the -v parameter.

0 Likes