This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Retrieving Application/Developer/Company Info from Client Credentials

Posted on 03-15-2016 02:31 PM
williamking
New Member
Reply posted on --/--/---- --:-- AM

When an OAUTH token is part of the flow, one can retrieve information associated with the token. For example the application name or the developer id.

How can you retrieve the same values as part of a policy where client credentials have been provided (e.g. "Authorization: Base64-encoded{key:secret}")?

Solved Solved
1 3 336
Topic Labels
Jump to Solution
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
ceber
Staff
Reply posted on --/--/---- --:-- AM

You can use the Access Entity policy to look up this and other types of information:

http://docs.apigee.com/api-services/reference/access-entity-policy

You could also just use a ValidateApiKey policy on the decoded client id. Would be worth trying both to see if there's a benefit to one over the other.

View solution in original post

Jump to Solution
0 Likes
3 REPLIES 3