Is there way we can implement grant type urn:ietf:params:oauth:grant-type:token-exchange to generate access token using Apigee?

Hi Team,

Is there way we can implement grant type urn:ietf:params:oauth:grant-type:token-exchange to generate access token using Apigee?

Please let me know if you need anything else.

Thanks,

0 1 332
1 REPLY 1

Yes

I gather this is from RFC 8693, published in January 2020.

Apigee includes a toolbox full of OAuth policies, and while I haven't done it, I believe it will be straightforward to implement the exchange described in that RFC.

For example, if you look at Section 2.3 of that document, the requirement is to send a given token to an authorization server. This is easy to do with a ServiceCallout in Apigee. It's just a matter of configuring the policy.