This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Announcements
This site is in read only until July 22 as we migrate to a new platform; refer to this community post for more details.
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

configure Apigee to ignore Authorization Header

Posted on 02-16-2018 03:17 AM
Not applicable
Reply posted on --/--/---- --:-- AM

Hi

We are using client_credentials flow of Oauth 2.0.

We pass the following in token request:

1) client_id and client-secret as form parameters. Apigee should use these for validation when creating access_token.

2) Second set of credentials in Authorization header. Apigee should ignore Authorization header.

Those are used by our custom code during token creation.

Problem: Apigee reads Authorization header and ignores form parameters (client_id/client_secret). (Though Apigee correctly uses client_id/secret if Authorization header is not passed.)

Question:

How to configure Apigee so it ignores Authorization header and uses client_id and client_secret which are passed as form parameters?

I would appreciate any suggestions.

Regards

0 2 832
Topic Labels
0 Likes
Reply
2 REPLIES 2
Top Solution Authors
View all