Create a page for end users to manage OAuth authorized applications

I'd like to create a page inside my application to enable end-users to manage the OAuth applications that have access to their account. This is a standard feature for all OAuth providers. How can this be implemented with Apigee?

 

This is what I've figured out, but it seems overly complex.

  1. Fetch all access tokens for a user by iterating over `oauth2/search` while filtering with `enduser` (there's no filter for active only)
  2. Fetch each token to get the `appId`
  3. Find the unique set of app IDs across all tokens

There are several problems with this:

  • No way to tell if an application's access has already been revoked (access tokens are revoked, but are refresh tokens revoked too?)
  • The set of access tokens can be large, so it needs to be done as a background job