Microgateway

vjosyula · 12-13-2018 11:36 AM

I have a scenario where i need to use an JWT token generated by Wso2((3rd party external token, contians user identity information) which needs to be added to the token store of Oauth. is it possible to use Oauth plugin and leverage this in edge microgateway. please help me with your feedback. @srinandans @Anil Sagar @ Google @Dino @Siddharth Barahalikar

vjosyula

@srinandans can u assist me on this issue?

Former Community Member

One option available is (assuming the 3rd party is the authorization server):

Step 1: Register client in the 3rd party. This should generate a client id and secret.

Step 2: Import the client id to apigee. This will create a developer app in Apigee.

Step 3: Associate the developer app with one or more API products

---

In Microgateway's org-ev-config.yaml, ensure you have the plugins in the following sequence:

- extauth
- oauth

extauth:
  publickey_url: "URL to your JWK endpoint"
  client_id: "the property name in the JWT that contains the client Id" # defaults to client_id
  iss: "This should be the same issuer that is included int the JWT."

Configure the oauth plugin as usual.

See more about the extauth plugin here.

vjosyula

can u help with step 2 on how to import client id to apigee?

ericschult

You import keys using the management api:

https://docs.apigee.com/api-platform/publish/import-existing-consumer-keys-and-secrets