Hi
First of all, I somewhat new to the API world so please bear with me.
I am in a situation where I need to try and convert a basic authentication token request to a Oauth2 token request with grant type client credentials. The overall idea is to input client ID and client secret as username and password in the basic authentication and then convert it as intended for a oauth2 (grant type client credential) token request, and get a access token back.
Background info:
I working on a project where an hybrid iOS app is connected to the cloud. The cloud provides a feature that enables a centralize place to store http's endpoint and credentials that is used within the app, so that is not stored in the code. The app has a sync function with the cloud which enables it to see all specified endpoints in the cloud.
So now we wish to integrate a third party API data sources where we wish to declare the endpoints to this data resource through the cloud. The data source uses Oauth2 authentication with grant type client credentials. The cloud does unfortunate not provide the ability to get a access token and send it along to the app through the Oauth2 protocol. But it does with Basic authentication, so that why I wish to try to convert the request here in apigee.
It is important that endpoints and credentials are stored in the cloud and not on the app. The app is allowed to handle a access token.
I hope somebody can provide me with some help, or alternative insight.
Hi! And thanks for the question.
Unfortunately I'm not clear on what you want to do. I need to ask some clarifying questions. You wrote:
I need to try and convert a basic authentication token request to a Oauth2 token request with grant type client credentials.
I think you are saying that there is a backend system that accepts Basic Auth, and you want your app (iOS app) to use OAuth2 tokens. Is that right? Something like this?
If so, this is something we call "security credentials mitigation" within Apigee Edge. In more detail, the client app sends a set of credentials to Apigee Edge; the Apigee Edge API Proxy verifies those credentials, then uses a different set of credentials to invoke the backend system .
This is a common pattern.
If this is what you want to do, it's pretty straightforward with Apigee Edge. You need to:
Hi Dino
Thank you very much for that answer. I see now, that my question is not specific enough. So from inspiration from you, I will try and draw my question in the following figure:
So the circumstances are that I have a iOS app (the client) that only can make token request through the basic authentication protocol, and I have a backend system that only supports token request through the Oauth2 protocol with client credentials. So I need to convert a basic authentication token request made by the app, and convert that to a Oauth2 token request.
If the credentials are valid in the backend system, then I get a Access token in return.
Ideally I would like to just pass the client ID and client secret from the basic authentication request to the oauth2 token request. But I am not entirely sure that is possible. Storing the credentials is an option, but as mention I would like to go with just passing them through the proxy.
I hope this explanation and the figure makes my question much more clear.
User | Count |
---|---|
5 | |
2 | |
2 | |
1 | |
1 |