How to display the values of an AccessToken in Apigee Trace tool / Request Body?

So I created a Policy to get the details of the token based on the documentation w/ the ff. code.

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<GetOAuthV2Info async="false" continueOnError="false" enabled="true" name="OA-GetTokenDetails">
    <DisplayName>OA-GetTokenDetails</DisplayName>
    <AccessToken ref="request.queryparam.accesstoken"/> </GetOAuthV2Info> 

But, I'm not seeing the contents of a token in the Trace tool or Request Body of my request. How do I know if my access token has the proper values I want it to have?.

It's just that I have a policy that removes personal information from the the custom attributes of my access token and I want to check whether if the information was actually remove from the token alright.

Solved Solved
0 3 560
1 ACCEPTED SOLUTION

hi @Joshua Cariño,

you can use javascript policy to print the output object of the policy GetOAuthV2Info

var token_info = context.getVariable('oauthv2accesstoken.OA-GetTokenDetails');

you can take the reference here - https://docs.apigee.com/api-platform/reference/policies/get-oauth-v2-info-policy

you can print individual attribute also.

View solution in original post

3 REPLIES 3

hi @Joshua Cariño,

you can use javascript policy to print the output object of the policy GetOAuthV2Info

var token_info = context.getVariable('oauthv2accesstoken.OA-GetTokenDetails');

you can take the reference here - https://docs.apigee.com/api-platform/reference/policies/get-oauth-v2-info-policy

you can print individual attribute also.

I have also validated the custom attributes can be printed using JS. by default it doesn't appear in the trace so you need to print individual element in the JS policy

// Product scope from GetAccessTokenValue policy
var scope = context.getVariable('oauthv2accesstoken.GetAccessTokenValue.scope'); 
print(scope);

// Custom Attribute
var talent_list = context.getVariable('oauthv2accesstoken.GetAccessTokenValue.accesstoken.tenant_list');  
print(talent_list);

Note - all these values are visible in trace with VerifyAccessToken operation on Oauth2 in apigee so you may want to explore that as well.

I just thought I didn't find more information on the documentation. As I was expecting it to print out all the details in the Response Body much like what it would when creating an access token using authorization grant type. Turns out it doesn't then, and I would have to manually print all of them via JS.

BTW, thanks for the help.


Along the way though, I found out that I could also view the values stored in the attributes of my token by calling another Set Policy of OAuth and just assign a null value to an attribute that I know will always have a value anyway. For debugging purposes, this will do for me as I could immediately see all the values stored in the access token in the trace, but this would delete some contents on the same access token.I havent tried reassining the same value to the attribute of a token yet, sot that it won't have a null value, but it seems I could do so anyway. So for debugging purposes, this is one way of doing it for me with less the JS policies and printing.