Layer7 API Management

need to send token from first call to second call Authorization -- Bearer + access token.

How would i approach.

Normally, when you get token from 1st call, you set it to cookie (with Manage cookie assertion), then you can get it from cookie for subsequent calls (from the same client).

I know this has been turned into a support case. We will need to note the resolution from the support case (once resolved) here as well for others who come across this thread.

I know we were able to resolve it for the 9.x series, but I believe I understand recently that you're actually running on 8.2, is that right? And the option to modify the headers isn't in 8.2, so now you're getting errors back with duplicate content-type headers. Right? 

eftar01 and I are working together to sort this one out for you for the 8.x series via the support case. I do encourage you to upgrade ASAP though as not only will you be able to already have moved past this issue but will also be free of the impending 8.x series end-of-service coming up on April 30, 2019.

Hi,

Thank you for providing the feedback.

Yes, we are using v8.2 of gateway. We'll be upgrading once we have approvals from all of our users who use Gateway for their services as it will impact all of their timeline and many still have on going projects and are soon to go live.

The policy works fine when testing under v9.2 of the gateway but doesn't seem to work in 8.2. So, I am hoping there's a workaround/assertion to remove or modify heades,

Thank you for all your help.

Resolution of the case created to achieve this use case:

1- How to extract the access token from the response of the first Route via HTTP(S) Assertion, and put it in a context variable such as oauthAccessTokenOnly. That could be achieved using Evaluate JSON Path Expression Assertion with the response from the first call as input. More details on that available here:
https://docops.ca.com/ca-api-gateway/9-3/en/policy-assertions/assertion-palette/message-validation-transformation-assertions/evaluate-json-path-expression-assertion/

2- How to post the access token through the request of the second Route via HTTP(S) Assertion. That could be achieved in two different ways.
A - Using the routing assertion on the tab "Authentication": select "Use OAuth Authentication", "Version: 2.0", "Token Variable: ${oauthAccessTokenOnly}". IMPORTANT: the content of that variable should only be the token, the string 'Bearer' cannot be included!

B - Using the routing assertion on the tab "Headers": check "Pass through only certain request headers", add "Header name = Authorization", "Header Value = Bearer ${oauthAccessTokenOnly}": IMPORTANT: the content of that variable should only be the token, the string 'Bearer' cannot be included! More details on that available here:
https://docops.ca.com/ca-api-gateway/9-3/en/policy-assertions/assertion-palette/message-routing-assertions/route-via-http-s-assertion

- In both A and B, you have to use Validate or Change Content Type Assertion to sent Content-Type in the header to application/json. For more information on the topic look here:
https://docops.ca.com/ca-api-gateway/8-3/en/policy-assertions/assertion-palette/message-routing-assertions/manage-transport-properties-headers-assertion/

Sincerely,

Stephen Hughes

CA Support