This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Where TO configure oAuth2 server in apigee

Posted on 01-31-2017 05:13 AM
Not applicable
Reply posted on --/--/---- --:-- AM

Hi,

When we use oAuth2 for authentication in apigee, which oAuth2 server apigee points to by default?

What configuration i need to change to point to some particular oAuth2 server?

Solved Solved
0 2 295
Topic Labels
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
DChiesa
Staff
Reply posted on --/--/---- --:-- AM

The documentation explains how OAuth works in Apigee Edge.

To answer your question: Apigee Edge can act as an OAuth v2.0 token dispensary. As an API Publisher, you can register new clients (= apps) in Edge, and obtain credentials (id + secret) for those apps. You can configure an OAuth token endpoint so that these client apps can request tokens, via any grant type you choose. You can specify how the tokens will be generated, how to verify user credentials in the case of a password grant, how long the tokens should last, and so on.

As for "pointing to some particular OAuth2 server" - I don't know exactly what that means, but in general you do not need to do that, if you use Apigee Edge.

If you can be more specific about your question, I can provide more information in an expanded answer.

View solution in original post

Jump to Solution
0 Likes
2 REPLIES 2

Posted on --/--/---- --:-- AM
DChiesa
Staff
Reply posted on --/--/---- --:-- AM

The documentation explains how OAuth works in Apigee Edge.

To answer your question: Apigee Edge can act as an OAuth v2.0 token dispensary. As an API Publisher, you can register new clients (= apps) in Edge, and obtain credentials (id + secret) for those apps. You can configure an OAuth token endpoint so that these client apps can request tokens, via any grant type you choose. You can specify how the tokens will be generated, how to verify user credentials in the case of a password grant, how long the tokens should last, and so on.

As for "pointing to some particular OAuth2 server" - I don't know exactly what that means, but in general you do not need to do that, if you use Apigee Edge.

If you can be more specific about your question, I can provide more information in an expanded answer.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Not applicable
Reply posted on --/--/---- --:-- AM

@Dino

Could you post a step by step the scenario as you said?

A app published with clients in Edge, and obtain jwt token for those apps with Oauth2?

I read and watched you post JWT Policies in Apigee Edge but i could glue together the JWT policy and the Oauth2.

Do i need to create a proxy which has the Oath2 and thr resulto of access token is a JWT policy?

Jump to Solution
0 Likes