create proxy to get the token from Oauth2.0 rest api and then pass this token to get response to from another rest API

Dear APIGEE Forum members,

I am new to apigee and I need to create API Proxy for a external REST API.

My requirement is as below.

1. Create a API Proxy for a OAUTH 2.0 REST API with Client_id, Client_secret, grant_type= 'client_credentials' and scope. The Content_type = /application/json. This target endpoint creates a token.

2. Once I create the above proxy I need to retrieve the Token from the above Proxy and then pass the Token , prefixed by "Bearer" to the final End Point.

I request you to please help me with

  • Any sample project that you can guide me to.
  • Detailed step by step approach with what I need to do.
0 7 1,718
7 REPLIES 7

@Sushant Shambharkar

You can check the GitHub samples for this

1. API proxy to generate the oauth token - https://github.com/apigee/api-platform-samples/tree/master/sample-proxies/oauth-client-credentials

2. A second API proxy validates the token and routes to the Target - https://github.com/apigee/api-platform-samples/tree/master/sample-proxies/oauth-verify-accesstoken

hi Nagashree,

I uploaded the zip file which u pointed and it created a proxy for me. but there is no way I am passing the clientid, sclentsecret, scope and grant_type. My challenge is to pass these and and get the token from a external rest API.

please advice how to get the token from already a Oauth Target point.

@Sushant Shambharkar, the link I provided is for the usecase where Apigee is the Oauth provider.

if you have a rest API that generates the token, then you just create a new proxy with the Reverse proxy option.

You can invoke your API proxy with client Id and secret - base64 encoded and passed in Authorization header. You can then use assign message policy to Pass the inputs via headers/request body/query parameters as expected by the Target endpoint

Also check this out on how apigee validates external oauth tokens- https://docs.apigee.com/api-platform/security/oauth/use-third-party-oauth-system

thanks let me try this out.

hi Nagasree,

the link does contain the solution i am looking for , but there is one problem I am not seeing the zip file for proxy which I can import in my space.

do you have the zip file for the same.

Generally speaking the apiproxy folder is inside the zipped file.

But if you check the notes of github, it explains how to deploy this proxy in your org.

Download the ZIP, https://github.com/apigee/api-platform-samples and follow the steps as described,

I do not have the zip file, can you try to clone the repo and create the proxy bundle yourself starting from the apiproxy folder

https://github.com/dzuluaga/apigee-tutorials/tree/master/apiproxies/musicapi-oauth-delegated-authent...