How come I'm getting acccess denied when sending valid token to the Microgateway?

Not applicable

I'm setting up a Edge Microgateway, via the instructions here, but my microgateway fails when i try to use the generated token. I use the 'edgemicro token get' command to get the token, and that returns with no problems, but once I go to use that token in my request, I get an 'access_denied'.

I went into the config.yaml file to turn off the oauth parameters by setting 'allowNoAuthorization' and 'allowInvalidAuthorization' both to true. After doing that, my microgateway was working and I was getting a proper response. Anyone have any ideas on why the generated access token is not working properly?

I'm running:

nodejs version: 6.7.0

edgemicro version: 2.3.1

0 4 289
4 REPLIES 4

Not applicable

Through some further testing with some more endpoints that I've added, I'm pretty sure that the Edge Microgateway is either stripping out the Authorization header or modifying it in some way, despite me setting it to pass through.

I created an endpoint on the MGW that points to httpbin.org/post, which responds with your request. When I try to send the request as is directly to the endpoint, then that works no problem. However, when I send the request through my MGW, I notice that all of the other headers and body are sent correctly, except for Authorization.

Anyone have any ideas on how to fix this?

Are you trying to send the auth header to a backend service for authentication/authorization? Or are you using EM to authentication/authorize, and want to maintain the credential in the header all the way to the back end server?

@Matthew Dobson

, I'm sending an auth header to a backend service for authentication/authorization. I have my proxy setup for pass through, and I want to send the entire request to a backend service that I have running on my local machine.

Could you remove the oauth plugin from microgateway then? Doesn't seem to have much use. You aren't actually issued keys by EM. That's done by edge in the cloud. So removing it should allow passthrough of the token to your backend service.