How to add custom fields in OAuth2 access token from a target endpoint

Not applicable

I am trying to reuse the OAuth2 token generation from the edge, but add custom fields into the generated token. I see plenty of example of using an external token generator, but I don't want to generate the whole token, just my custom fields from a target endpoint. I looked at using SetOAuthV2Info, but still not clear how to receive the generated token in my nodeJS target and then add my custom fields before returning the results. (I'll be using some request headers in the target endpoint to generate the custom fields). Appreciate the help.

1 4 1,709
4 REPLIES 4

Former Community Member
Not applicable

You can do with the OAuthV2 policy itself, at the time of token generation. First call the target endpoint (node.js app in you case). Then in the response flow call the OAuthV2 policy.

@Santosh Mallesan , Welcome to Apigee Community !

If i understand your question correctly,

  • You would like to generate token in Apigee Edge
  • Send token to target backend (NodeJS)
  • Generate token attributes (custom fields) & send it to Apigee Edge
  • Add custom fields to the token as attributes associated with that same token.
  • Return the token along with attributes to the client who requested it

Am i right ? One thing i don't understand is , Do you need token to create these custom fields in Node.JS ? Is it ok if the token is sent to target server again after adding custom attributes ? Your questions is not very clear.

@Anil Sagar, thanks for your response. You have it right. What you listed is what I would like to do. I do need the token when creating the custom fields in NodeJS (for accounting purposes). If a token comes to the target server again with the custom attributes already in it, that's probably ok, since I'll be overwriting it. But since I'm using this only during token generation, I'm assuming the target server won't get the token with the custom attributes already in it.

@Santosh Mallesan , It should be straight forward. See similar discussion here. Give it a try. If you still unable to figure out, Let us know what you are doing with sample proxy / policies code with a dummy target that mimics the custom fields using Javascript / dummy target.

Should be quick thing in Apigee Edge, I can say should not take more than 30 minutes. Again, Keep us posted if you are stuck. Happy to help.