Apigee Token Retreive user identity

LinkedIn · 11-30-2017 04:53 AM

I am digging on the Oauth implementation under Apigee, and there is something that escapes me.

Once the user is authenticated and provides a token to access a protected resource. I want to get the identity of the user at the API level (or Apigee) to determine which user is logged in?

If in Apigee I will add the user mail in the request url or in the body of the request, and If I handle that in API, how could get the identity in the requested protected source

Example

I am using Resource password grant flow

After VerifyAccessToken is there any call that i have to do to get user identity? (email for example)

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<OAuthV2 async="false" continueOnError="false" enabled="true" name="verify-oauth-v2-access-token">
    <DisplayName>Verify OAuth v2.0 Access Token</DisplayName>
    <Operation>VerifyAccessToken</Operation>
</OAuthV2>

isaias_arellano

Use the access entity policy once you have verified the access token to pull in the developer info

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<AccessEntity async="false" continueOnError="false" enabled="true" name="PullDeveloperInfo">
  <DisplayName>PullDeveloperInfo</DisplayName>
  <EntityIdentifier type="consumerkey" ref="apigee.client_id"/>
  <EntityType value="developer"/>
</AccessEntity>

Same way you can pull in app info, api products info, etc. For more info see

here

.

LinkedIn

Sorry I don't need developer app username but "usermail" used when he make a request to get token. I use Resource owner password grant flow

grant_type=password&username=the-user-name&password=the-users-password