This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Spike arrest and quota limit the calls to proxy endpoint that performs InvalidateToken and ValidateToken operations

Posted on 09-15-2020 03:37 AM
gauravpatil
New Member
Reply posted on --/--/---- --:-- AM

In OAuthv2 we get these 2 operations - ValidateToken and InvalidateToken for which I have created separate proxy endpoints. But there are no flow variables that are populated for them, So not sure based on which identifier I can rate / quota limit the calls to these endpoints.

https://docs.apigee.com/api-platform/security/oauth/validating-and-invalidating-access-tokens

0 1 155
Topic Labels
0 Likes
1 REPLY 1

Posted on --/--/---- --:-- AM
Not applicable
Reply posted on --/--/---- --:-- AM

The client id will be available after the validation. You can use that or you can make oauth token itself as identifier

To invalidate you can put the same refresh token as identifier

0 Likes