We're planning for using Oauth as proxy, as in our scenario have two different gateways where one gateway is an external one & the other one is an internal one. We want to use Oauth of internal gateway for all the operation & Oauth of external gateway to be as a front and proxy that routes all oauth request to internal oauth. Is this an achievable approach?
The gateway itself can be configured to work as a proxy,
Publish Reverse Web Proxy - CA API Gateway - 9.4 - CA Technologies Documentation
Hey, thanks for the response. But in my scenario i'm looking for OTK services to work as proxy and i don't want to create any extra service. is there a way i could configure whole OTK to route all the request to another internal OTK on different gateway?
OTK services are designed for oauth authorization, it cannot work as proxy.
A proxy is to connect between a client and a server, the OTK is running as oauth server, it doesn't make sense to run as a proxy.
Hi, Let me provide detailed description .
our Scenario has two gateways with one acting as external and the other as internal gateway, now in a same way external gateway has OTK & it is the first point of interaction with any outside application, so application will be hitting external OTK for any kind of oauth related operation. Now we do not want to perform any kind of Oauth operation on external OTK except accepting request from applications & forwarding them to internal OTK(gateway) where all the Oauth operation will be performed as in token generation,validation etc.
Does this scenario make sense? please provide any inputs on achieving this scenario.
Dear Jaykumar ,
In your case, you can use the external gateway as reverse proxy(you don't need to install OTK on external gateway), and internal gateway is running as OTK server.
Alternately, you can choose another option Joe Dascole provided below.
It sounds like you are looking for the dual gateway scenario described here:
Dual Gateway Scenario - CA API Management OAuth Toolkit - 4.3 - CA Technologies Documentation
Looks like you've found it for me :-D. thanks, this seems to be an option i've been looking for.