API proxy to Verify Okta access token using Okta ID token

jivanpatil
Participant III

My use case is to verify the access token that the client request has. Okta is my identity provider. The inbound request will have the access token that the user got from Okta. We have created an Okta ID token for Apigee so that Okta can identify Apigee. I want to create an API proxy which will verify the access token. I also want to pass this access token forward, because internal services might be secured and they might need it for verification again. I also want to add IP whitelisting to verify the IP or range of IPs.

ACCEPTED SOLUTION

One thing at a time, ok? You want a lot of things, IP whitelisting and tokens and so on. Let's focus on one thing.

You have an access token from Okta.

What do you mean by "access token"? What does it look like? Is this a JWT? Is it opaque?

If it is opaque, the way for Apigee to "validate" the token is to call to the issuer (in this case Okta) to ask if the token is valid. I don't know what this looks like; probably there is an endpoint at the issuer that tells you the status of an access token.

If it is a JWT, then you can use VerifyJWT to verify a JWT issued by Okta.
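
As an added illustration (not part of the original answer and not taken from Apigee's or Okta's samples), a VerifyJWT policy for an RS256-signed access token from an Okta custom authorization server could look like the following. The policy name and the values in braces (Okta domain, authorization server id, audience) are placeholders to replace with your own.

```xml
<!-- Added example. Attach in the proxy request flow, before any target call. -->
<VerifyJWT name="VJWT-Okta-AccessToken">
  <!-- Pin the expected signing algorithm. A token whose header names any
       other algorithm fails verification. -->
  <Algorithm>RS256</Algorithm>

  <!-- No <Source> element: by default the policy reads the token from the
       Authorization request header, expecting the "Bearer " prefix. -->

  <!-- Okta publishes the signing keys for an authorization server as a JWKS.
       {yourOktaDomain} and {authServerId} are placeholders. -->
  <PublicKey>
    <JWKS uri="https://{yourOktaDomain}/oauth2/{authServerId}/v1/keys"/>
  </PublicKey>

  <!-- Claims that must match, in addition to the signature and the
       exp/nbf time checks the policy performs on its own.
       Both values are placeholders for what your Okta server issues. -->
  <Issuer>https://{yourOktaDomain}/oauth2/{authServerId}</Issuer>
  <Audience>{audience}</Audience>

  <!-- Fail closed if a referenced variable cannot be resolved. -->
  <IgnoreUnresolvedVariables>false</IgnoreUnresolvedVariables>
</VerifyJWT>
```

The policy only reads the Authorization header, so the token still reaches the backend unless another policy in the flow removes that header.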

Thanks @Dino. The token I used is a JWT and I used the policy mentioned; it worked for me, thanks. I'll create a separate question for the others.