This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Integrating API Developer portal Open API specification security schemes with Okta.

Posted on 05-13-2020 10:38 PM
shrutisiyalss5
New Member
Reply posted on --/--/---- --:-- AM

We are trying to provision an APIGEE developer portal and included an open API specification into it where we have defined the security scheme as below:

securitySchemes:
    oauth2:
      type: oauth2
      flows:
        implicit:
          authorizationUrl: >-
            https://XXXXXXXXXXXXX/connect/authorize?
          scopes:
            order.customer

Here, the authorization server is actually an OKTA endpoint. When we are trying to Authorize the from the API Specification visible in Developer portal while providing the appropriate client id in the pop-up.

9890-screen-shot-1.png

The developer portal is generating the implicit request to OKTA like below

https://<OKTA_AUTHORIZATION_URL>?client_id=<client_id>&response_type=token&redirect_uri=<redirect_ur...

But as per OKTA documentation for making an implicit call they need two more query parameters i.e. nonce and status. How can we pass these parameters from the APIGEE developer portal? Is there any configuration that will enable me to pass these extra query parameters to my authorization call?

I am using a public cloud (SaaS) APIGEE version.

0 2 323
Topic Labels
0 Likes
2 REPLIES 2
Top Solution Authors
View all