Weird behavior found in Apigee Edge platform

dkumar
Participant I

Hi Team,

I want to implement OAuth 2.0 for client credentials. I implemented it and received an access token. When I fire a request using that access token, I see that the request is validated properly and also that the request is hitting the correct target server. However, the target server is returning an unauthorized-request error. When I take the curl command that Edge is trying to hit and fire it through Postman, I get the correct payload.

It's hard to debug why Edge is not able to receive a success response from the target server. Any thoughts on this may help.

[Attached screenshots: target request, target response, Postman response on same curl]

Thank you

Regards,

Dwiz

2 REPLIES

It looks to me that your "upstream" or "target" system is hosted in Apigee.

The URL looks like

http://something-test.apigee.net/db/products

Is that YOUR Apigee instance, or does it belong to someone else?

If it's YOURS then I suggest opening a window to the proxy that listens there, and running a Trace session.

If it belongs to someone else, then I suggest consulting the documentation for the endpoint, or communicating with the API Publisher.

If neither of those work for you, then you have to guess. There's no telling what the problem is. Some possibilities are:

  • your API proxy is passing the token to the upstream, and the upstream is rejecting that token. Do you pass a token from postman?
  • Postman is sending an Accept header that is different from the one your API proxy sends
  • The upstream proxy is performing an IP whitelist and is rejecting the call from your API Proxy on that basis. (This could also be happening via Apigee Sense)
  • many other possibilities

ps: Guessing is the least effective way of trying to find a solution to this problem.

Hi Dino,

Fixed this issue.

The issue was basically with the target request header. I am using an Apigee target URL since it is just a POC that I am working on.

As part of sending the access token we use the Authorization header, and this header was the main culprit, because Apigee, after validating this header in the proxy preflow, was passing it to the target server. Since the target server was at the Apigee end, they were verifying this access token (since the header was bypassed to the target) from their end too.

To fix this issue, after access token validation I removed the Authorization header using an Assign Message policy, and then it started working.

Thank you once again for your response.

Regards,

Dwiz
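
The fix described in the reply above, written out as Apigee Edge policy configuration. This is an added example, not the poster's actual proxy bundle; the policy names OA-VerifyToken and AM-RemoveAuthHeader and the file paths are assumptions.

```xml
<!-- apiproxy/policies/OA-VerifyToken.xml (hypothetical name)
     Validates the bearer token that the client sent in the Authorization header. -->
<OAuthV2 name="OA-VerifyToken">
  <Operation>VerifyAccessToken</Operation>
</OAuthV2>

<!-- apiproxy/policies/AM-RemoveAuthHeader.xml (hypothetical name)
     Strips the client's Authorization header from the request so that it is
     not forwarded to the target once the proxy has already verified it. -->
<AssignMessage name="AM-RemoveAuthHeader">
  <Remove>
    <Headers>
      <Header name="Authorization"/>
    </Headers>
  </Remove>
  <IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
  <AssignTo createNew="false" transport="http" type="request"/>
</AssignMessage>

<!-- apiproxy/proxies/default.xml (excerpt)
     Order matters: verify the token first, then remove the header.
     Removing it before verification would make VerifyAccessToken fail. -->
<PreFlow name="PreFlow">
  <Request>
    <Step>
      <Name>OA-VerifyToken</Name>
    </Step>
    <Step>
      <Name>AM-RemoveAuthHeader</Name>
    </Step>
  </Request>
  <Response/>
</PreFlow>
```

Removing the header after verification also keeps the client's bearer token from being forwarded to a backend that does not need it. A Trace session on the proxy shows whether the Authorization header is still present on the outgoing target request.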