I want to apply the ROPC grant type in Apigee and use the token from the backend as an external token for the OAuth2 policy, but I do not know how the token generated by Apigee will work with the backend.
I have a login API that takes an email and password, and the response is a token.
--header "Content-Type: application/json" ^
--data-raw " {\"email\":\"test@nbg\",\"password\":\"Pass1209!\"}"
Response:
{
"status": "OK",
"errors": [],
"messages": null,
"data": {
"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2NTI4MjUzMDgsIm5iZiI6MTY1MjgyNTMwOCwiZXhwIjoxNjg0MzgyOTA4LCJqdGkiOjEwOTl9.fYvefAAvwJ0W304k7-62QEECy0V_MKdxpPzr46Zd9KkTlNZnw8dtvrG8Bqxuz5p2UPKUixf6zcOfjBjU38120cHb0oGdYhaHPqXuFEqvIyisi-qaoN9YeWqwxil8ZT8NGjLHK8fAssreavNzv_NlqvcKGL49twDr8INxs2TyblxLi01FqV3YoS3dMy1bkAWtpBwj_Ga1IQoiDOeMV7-vjqM5gwVsy32zIZSLWX_tQVCiwkAQAIXV7koi0MHjZj0ySdvG7y6NzxsKTFrxcW6pMP5n_xW4vOTwixye3AenFYx0icHD80IKZqnNzNXwYOQTCQ6L0XKwAUjz8TIwe-SHLl2A8fEXQh8M4VcNV0hG_hO8rUB9f695gZvAf9RdW0RvItZxH7fR2eFLwhAVOfjBAnLmOwwoxjXJ10VLYA0Z_WsE8apvofxNcCg9j342PnKwwTcPGAM99kfH12n7jPPhKNAm8KhxXvbHlOpUOc2PYwKm96dDkAB0tGF-__wJCzseMNa6-IfLxPAgJx3YQwchmbw-fAp51NaoGI1zwFJHBt9GoPGFbzb3Y0CqUoZmfxBWC-7hBOA3pCkFuOf7QXnoowMSSrqLYocJyUNTDhdNhsIMjoOfYbL_SRqeEuHWru-bYHXczFnO8wH-yv2tXboe-TG1tKBA6vX1y3tQL2jKIqg"
}
}
I want to manage this API with Apigee and apply security to it.
I have two scenarios:
1- First, use a ServiceCallout to call this API directly and return the token.
2- Second, apply the OAuth2 policy with the ROPC grant type (returning an opaque token) and also make a service callout to request the login API and return the token, then cache the opaque token as the key and the token returned from the backend as the value, then return the access token generated by OAuth as the opaque token.
@dchiesa1 Please, I want to know the best solution, and if there is another solution, please mention it.
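
Scenario 2 from the post above as an added example (not part of the original post and not Apigee policy code): the proxy issues an opaque token, stores the backend JWT under it, and never lets the opaque token outlive the JWT's `exp`. `TokenBroker`, `sampleJwt` and the in-memory `Map` standing in for the proxy cache are assumptions made for illustration.

```javascript
// Added example: in-memory stand-in for the proxy-side cache in scenario 2.
const { randomBytes } = require('crypto');

const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64')
  .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');

// Constructed sample token with a placeholder signature, not the page's token.
const sampleJwt = (exp) =>
  `${b64url({ typ: 'JWT', alg: 'RS256' })}.${b64url({ exp, jti: 1 })}.sig`;

// Read `exp` from the JWT payload. No signature check here: the backend that
// issued the token remains the party that verifies it.
function jwtExpiry(jwt) {
  const parts = jwt.split('.');
  if (parts.length !== 3) throw new Error('not a compact JWT');
  const { exp } = JSON.parse(Buffer.from(parts[1], 'base64').toString('utf8'));
  if (!Number.isInteger(exp)) throw new Error('JWT has no numeric exp');
  return exp;
}

class TokenBroker { // hypothetical name
  constructor(maxTtlSec) { this.maxTtlSec = maxTtlSec; this.cache = new Map(); }

  // After the login call succeeds: mint an opaque token and map it to the JWT.
  issue(backendJwt, nowSec) {
    const expiresAt = Math.min(nowSec + this.maxTtlSec, jwtExpiry(backendJwt));
    if (expiresAt <= nowSec) throw new Error('backend token already expired');
    const opaque = randomBytes(32).toString('hex'); // unguessable cache key
    this.cache.set(opaque, { backendJwt, expiresAt });
    return { access_token: opaque, expires_in: expiresAt - nowSec };
  }

  // On each API call: swap the opaque token for the JWT sent to the backend.
  resolve(opaque, nowSec) {
    const entry = this.cache.get(opaque);
    if (!entry) return null;
    if (entry.expiresAt <= nowSec) { this.cache.delete(opaque); return null; }
    return entry.backendJwt;
  }
}
```

The client only ever holds the opaque value; the backend JWT stays on the proxy side and is attached to the upstream request after `resolve` succeeds.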