This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Announcements
This site is in read only until July 22 as we migrate to a new platform; refer to this community post for more details.
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Please tell me about hashing of access tokens

Posted on 04-03-2018 04:16 AM
Not applicable
Reply posted on --/--/---- --:-- AM

We use OPDK 4.17.01.

Please tell me about hashing of access tokens.

I tried the following, but failed Set OAuth V2 Info policy.

The setting contents are as follows.

features.isOAuthTokenHashingEnabled = true

features.OAuthTokenHashingAlgorithm = SHA512

The error message is as follows.(Status code 500error)

{"fault".{"faultstring":"Invalid Access Token","detail":{"errorcode":"keymanagement.service.invalid_access_token"}}}

What is the cause?

Do you need the following settings?

features.isOAuthTokenFallbackHashingEnabled = true
features.OAuthTokenFallbackHashingAlgorithm = SHA1 | SHA256 | SHA384 | SHA512 | PLAIN
Solved Solved
0 4 527
Topic Labels
Jump to Solution
0 Likes
Reply
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
Not applicable
Reply posted on --/--/---- --:-- AM

Hi Tomoya,

Can you check if the Access Token you passed to the policy is not the hashed one?
It should be the original token returned initially by the request of generating the token.

Also please check with the management API 'Get OAuth 2.0 Access Token' that the token is valid. https://apidocs.apigee.com/management/apis/get/organizations/%7Borg_name%7D/oauth2/accesstokens/%7Ba...

Thanks,
Toshi

View solution in original post

Jump to Solution
0 Likes
Reply
4 REPLIES 4
Top Solution Authors
View all