This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

How to introspect an OAuth token on Apigee X?

Posted on 12-07-2021 10:43 AM
asaischintala
Bronze 5
Bronze 5
Reply posted on --/--/---- --:-- AM

I have an OAuth Provider API which generates token for client_credentials grant type.

 

I want to expose an "Intropsect" function, where the token is passed to the API and it returns whether the token is valid or not.

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<OAuthV2 continueOnError="false" enabled="true" name="IntrospectOAuth2Token">
    <DisplayName>IntrospectOAuth2Token</DisplayName>
    <Properties/>
    <Attributes/>
    <ExternalAuthorization>false</ExternalAuthorization>
    <Operation>VerifyAccessToken</Operation>
    <AccessToken>request.formparam.token</AccessToken>
    <SupportedGrantTypes/>
    <GenerateResponse enabled="true"/>
    <Tokens/>
    <RFCCompliantRequestResponse>true</RFCCompliantRequestResponse>
</OAuthV2>

 

I have used the above policy to verify the token and it's good.

 

But how can I generate a response body for valid and invalid tokens?

@dchiesa1  Please help.

0 1 1,078
Topic Labels
0 Likes
1 REPLY 1
Top Solution Authors
View all