Layer7 API Management

 View Only
  • 1.  CA MAG - using SDK for basic oauth flows ONLY (no SSO)

    Posted Jul 19, 2017 03:10 PM

    I find the MAG docs very confusing - they are split across MAG, MAS and the SDK often with duplication, and at differing levels of freshness.


    I'm hoping someone can answer this one for me:


    - the customer has MAG licences, but all they want to do is make a simply pubic mobile app - it would make sense for this to be exposed as 2 APIs:


    - the oauth2.0 token API endpoint for tokens (with password grant)

    - the protected API secured with oauth token for the retrieval of the customer information.


    However, if possible they'd like to use the SDK to build the mobile app calls rather than hand crank the oauth call, etc.


    Is this possible ? Reading the docs, it is not clear in the slightest - most of the docs talk about the SSO flows which include registering devices and a whole bunch of other functionality which is complete overkill for this usecase.


    I'd expect something like a cut down config file for the app which configures the client id, client secret, scope, etc and then a basic method the app can call to login and get a token, and then they write there call to the protected API (with the token).


    Or is the only use case that the SDK can be used for, the full SSO one - with device registration, mutual TLS, etc, etc - this just seems utter overkill for what they want to do for now.

  • 2.  Re: CA MAG - using SDK for basic oauth flows ONLY (no SSO)
    Best Answer

    Posted Jul 19, 2017 05:20 PM

    May I know which document are you referring to? Let's see if we can improve the documentation.


    To answer your question, the OTK (Oauth2.0 Token) endpoint are exposed and well document under 

    OAuth APIs - CA Mobile API Gateway - 4.0 - CA Technologies Documentation


    The Mobile SDK hides the complexity of all the MAG, OAuth calls and manage the token lifecycle for developer, a lot of information can be found under CA Developers, CA Mobile App Services - CA Technologies 


    To cut down your reading you can refer to:

    Set Up Project and Start the SDK 

    User Authentication and Authorization 

    Access API 

  • 3.  Re: CA MAG - using SDK for basic oauth flows ONLY (no SSO)

    Posted Jul 21, 2017 04:46 PM

    Hi Stuart,

    I want to assure you that my team is aware of the confusion regarding the various places you have to go to get documentation. That includes the confusion with the product name since we merged MAS and MAG. I agree with you. Our product owner is also aware and we are looking at several options to correct this. No timeline for now, but wanted you to know that we are looking at solutions.