I am trying to get an attribute from my access token, for example the application or username and then pass it to the target service either in the query string or as a header. This way the target service knows who authenticated and is calling the method.
How can I configure this?
Hi Mike,
this is a really simple thing, I'm sorry it's taken two days and no one has responded yet.
When you verify an access token, the policy configuration is usually quite simple, like this:
<OAuthV2 name='OAuthV2-VerifyToken'> <Operation>VerifyAccessToken</Operation> </OAuthV2>
This policy implicitly sets context variables when the token is valid. These include:
This behavior is documented.
The attribute you set on the token is then available as a context variable named access_token.ATTRIBUTENAME where ATTRIBUTENAME is the name of the attribute in your OAuthV2/GenerateAccessToken policy.
To send that to the target, use an assignMessage policy to add a queryparam or header:
<AssignMessage name='AM-AddQueryOrHeader'> <AssignTo createNew='false' type='request'/> <Set> <QueryParams> <QueryParam name='outgoingParamName'>{accesstoken.ATTRIBUTENAME}</QueryParam> </QueryParams> <Headers> <Header name='x-My-Header'>{accesstoken.ATTRNAME}</Header> </Headers> </Set> </AssignMessage>
You need to attach that AssignMessage policy somewhere in the proxy request flow, or the target request flow.
Does it make sense?
User | Count |
---|---|
7 | |
2 | |
2 | |
2 | |
1 |