Generating Access Token

benyuen-1
Participant II

Hi,

I'm trying to add OAuth2.0 for my proxies where Apigee is the token creator.

I've found this article: https://docs.apigee.com/api-platform/security/oauth/access-tokens.html#requestinganaccesstokenpasswo...

In this article it says for a client to generate an access_token a specific endpoint with a policy have to be created.

Is there a more general way for Apigee to create an access_token than doing it this way?

Solved Solved
0 1 169
1 ACCEPTED SOLUTION

sidd-harth
Participant V

Yes, we always need to use OAuth V2 policy for generating an access_token.

Approach 1 -

It is recommended to use a No-target Proxy(endpoint) for generating tokens. Generating OAuth tokens in Apigee doesnt require a target/backend and hence we use a No-target proxy.

Approach 2 -

Creating a proxy only for generating OAuth tokens is not mandatory. We can generate OAuth tokens in regular proxies as well, but it requires few customizations. Creating a new ProxyEndpoint and setting it to Null Route Rule (A null route supports scenarios in which the request message does not need to be forwarded to a TargetEndpoint. This is useful when the ProxyEndpoint performs all of the necessary processing).

If you choose the first approach, we get one endpoint for generating tokens and it can be used in other endpoints for Verifying the token.

In the second approach, we get single endpoint with two base/uri paths one for generating and other for verfying.

View solution in original post

1 REPLY 1

sidd-harth
Participant V

Yes, we always need to use OAuth V2 policy for generating an access_token.

Approach 1 -

It is recommended to use a No-target Proxy(endpoint) for generating tokens. Generating OAuth tokens in Apigee doesnt require a target/backend and hence we use a No-target proxy.

Approach 2 -

Creating a proxy only for generating OAuth tokens is not mandatory. We can generate OAuth tokens in regular proxies as well, but it requires few customizations. Creating a new ProxyEndpoint and setting it to Null Route Rule (A null route supports scenarios in which the request message does not need to be forwarded to a TargetEndpoint. This is useful when the ProxyEndpoint performs all of the necessary processing).

If you choose the first approach, we get one endpoint for generating tokens and it can be used in other endpoints for Verifying the token.

In the second approach, we get single endpoint with two base/uri paths one for generating and other for verfying.