Currently we are using Apigee's OAuth2 policies to generate auth codes, access tokens, and validate tokens. This all happens through the very specific OAuth2 policies. I am thinking about changing the proxy that handles OAuth2. While I do that I would like create a parallel proxy with my new resources, but leave the existing proxy in place.
Questions:
1. Is token management managed at the environment level? I.E. are tokens created for one environment unique to that environment?
2. Since Apigee generates the tokens, having two proxies generating tokens in the same environment should not be a problem. Is this accurate? Or will the second proxy cause generation/validation conflicts?
3. Have the OAuth2 policies using the same operation but different setting should not be a problem. Is this correct?
We use the following OAuth2 policy operations:
GenerateAccessToken
GenerateAuthorizationCode
InvalidateToken
RefreshAccessToken
Thanks.
Solved! Go to Solution.
Hello,
I'm sorry it took so long to get this answer to you. I had to find the right resource in the company to answer them. Answers to your questions are as follows:
Hello,
I'm sorry it took so long to get this answer to you. I had to find the right resource in the company to answer them. Answers to your questions are as follows:
User | Count |
---|---|
5 | |
2 | |
2 | |
1 | |
1 |