Hi,
I am using the Set OAuth V2 Info policy in the PreFlow to set an attribute in my access token, so that I can use that information while calling my API.
My APIs expect info like user id and role id as header parameters, so I want them to be stored in the access token profile as attributes when the user first calls the API using the access token.
My problem is that I am not able to set the attribute value using the Set OAuth V2 Info policy. This is how my Set OAuth V2 Info policy looks:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<SetOAuthV2Info async="false" continueOnError="false" enabled="true" name="Set-OAuth-v20-Info-1">
    <DisplayName>Set OAuth v2.0 Info-1</DisplayName>
    <AccessToken ref="access_token"/>
    <Attributes>
        <Attribute name="X-UserId" ref="request.headerparam.value"/>
    </Attributes>
</SetOAuthV2Info>
And below is how I am calling my API using cURL:
curl http://{org-name}-test.apigee.net/v1/getcontentbyid/abcdef1234 -H "Authorization: Bearer {access_token}" -H "X-UserId: troy"
The above call gives me a successful response, but it does not store the value for my attribute:
oauthv2accesstoken.Set-OAuth-v20-Info-1.X-UserId: {empty}
I need this value to be stored in my access token profile, so that the user does not have to pass this info every time he calls the API.
My oauth policy is below:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<OAuthV2 name="GenerateAccessTokenClient">
    <!-- This policy generates an OAuth 2.0 access token using the client_credentials grant type -->
    <Operation>GenerateAccessToken</Operation>
    <!-- This is in milliseconds, so expire in an hour -->
    <ExpiresIn>3600000</ExpiresIn>
    <SupportedGrantTypes>
        <!-- This part is very important: most real OAuth 2.0 apps will want to use other
             grant types. In this case it is important to NOT include the "client_credentials"
             type because it allows a client to get access to a token with no user authentication -->
        <GrantType>client_credentials</GrantType>
    </SupportedGrantTypes>
    <GrantType>request.queryparam.grant_type</GrantType>
    <GenerateResponse/>
    <Attributes>
        <Attribute name="X-RoleId" ref="request.header.roleId" display="true">developer</Attribute>
        <Attribute name="X-UserId" ref="request.headerparam.value" display="true"></Attribute>
    </Attributes>
</OAuthV2>
Please suggest.
Thanks,
Kumud
Hi @Kumud Gautam,
As I noticed in the SetOAuthTokenInfo policy code, the syntax is correct, except that the ref in the Attribute element used to access the header is not correct:
<Attributes>
    <Attribute name="X-UserId" ref="request.headerparam.value"/>
</Attributes>
Try using request.header.{header_name} instead of request.headerparam.value
<Attributes>
    <Attribute name="X-UserId" ref="request.header.{header_name}"/>
</Attributes>
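A pre-deployment check for the mistake discussed in this thread, as an added example that is not part of the original posts or of Apigee's tooling: it scans a policy file for `<Attribute ref="request...">` values that do not match `request.header.{name}`, `request.queryparam.{name}` or `request.formparam.{name}`, and also catches a `{header_name}` placeholder left unfilled. The function name, the allow-list and the sample policies (trimmed from the ones above) are assumptions of this example.

```python
import re
import xml.etree.ElementTree as ET

# Assumption: attributes in this bundle are only read from these three
# name-indexed request collections; extend the set for other flow variables.
REQUEST_COLLECTIONS = {"header", "queryparam", "formparam"}
REF_SHAPE = re.compile(r"^request\.([A-Za-z]+)\.(.+)$")

# Trimmed copy of the policy from the question (the failing ref is unchanged).
QUESTION_POLICY = """<SetOAuthV2Info name="Set-OAuth-v20-Info-1">
  <AccessToken ref="access_token"/>
  <Attributes><Attribute name="X-UserId" ref="request.headerparam.value"/></Attributes>
</SetOAuthV2Info>"""
# Constructed: the answer's fix with the header name from the curl call filled in.
FIXED_POLICY = QUESTION_POLICY.replace("request.headerparam.value",
                                       "request.header.X-UserId")
# Constructed: the answer's snippet pasted without replacing the placeholder.
PLACEHOLDER_POLICY = QUESTION_POLICY.replace("request.headerparam.value",
                                             "request.header.{header_name}")


def lint_attribute_refs(policy_xml):
    """Return (attribute name, ref, problem) for each suspicious <Attribute ref>."""
    findings = []
    root = ET.fromstring(policy_xml)
    for attr in root.iter("Attribute"):
        ref = attr.get("ref")
        if ref is None or not ref.startswith("request."):
            continue  # literal value or non-request variable: not judged here
        name = attr.get("name")
        match = REF_SHAPE.match(ref)
        if match is None:
            findings.append((name, ref, "no collection/name pair"))
        elif match.group(1) not in REQUEST_COLLECTIONS:
            findings.append((name, ref, f"unknown collection '{match.group(1)}'"))
        elif "{" in match.group(2) or "}" in match.group(2):
            findings.append((name, ref, "unfilled placeholder"))
    return findings


if __name__ == "__main__":
    for label, policy in [("question", QUESTION_POLICY),
                          ("fixed", FIXED_POLICY),
                          ("placeholder", PLACEHOLDER_POLICY)]:
        print(label, lint_attribute_refs(policy))
```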