Layer7 API Management

Expand all | Collapse all

How can we retrieve the ${custom }

Jump to Best Answer
  • 1.  How can we retrieve the ${custom }

    Posted 04-04-2018 08:19 PM

    The custom field contents are stored in the ${custom} variable that has the following structure:  {"client_custom": ${client_custom}, "client_key_custom": ${client_key_custom}}

     

    Where can we retrieve these values  {"client_custom": ${client_custom}, "client_key_custom": ${client_key_custom}} in /token end point.



  • 2.  Re: How can we retrieve the ${custom }

    Posted 04-05-2018 08:47 AM

    Hi,

     

    I usually find these values as output variables of 'OTK Client Authentication' Assertion in the /token endpoint

     



  • 3.  Re: How can we retrieve the ${custom }

    Posted 04-05-2018 08:23 PM

    I could find the ${client_key_custom} from session tracking ,but unable to find the ${session_custom} in the token end point.

     



  • 4.  Re: How can we retrieve the ${custom }
    Best Answer

    Posted 04-06-2018 03:37 AM

    The 'OTK Session Tracking' Assertion sets the ${session_output} variable which includes ${client_custom} and ${client_key_custom} obtained from the previous 'OTK Client Authentication' Assertion.

     

    OTK Session Tracking Properties

     

    session_output

     

    These values then can be retrieved using the 'OTK Require Oauth 2.0 Token' Assertion in your protected APIs

     

    OTK Require Oauth 2.0 Token

     

    ${session.custom} looks something like this.

     

    Token Custom Field

     

    You can then use 'Evaluate JSON Path Expression' Assertion to get client custom field to perform additional tasks. (for example, in my case I save the client's certificate thumbprint when the client is registered. I then make sure the same client is calling the protected APIs by mandating client certificate in request and checking its thumbprint against that is saved in the token DB. I also use custom_lifetime for client specific token lifetimes)



  • 5.  Re: How can we retrieve the ${custom }

    Posted 04-11-2018 12:19 AM

    Thanks



  • 6.  Re: How can we retrieve the ${custom }

    Posted 04-11-2018 07:55 AM

    You're welcome. Please mark my reply as answer if you're satisfied so others may be able to get help too