Layer7 API Management

 View Only
  • 1.  Oauth as proxy

    Posted Apr 21, 2019 10:56 PM

    We're planning for using Oauth as proxy, as in our scenario have two different gateways where one gateway is an external one & the other one is an internal one. We want to use Oauth of internal gateway for all the operation & Oauth of external gateway to be as a front and proxy that routes all oauth request to internal oauth. Is this an achievable approach?

  • 2.  Re: Oauth as proxy

    Broadcom Employee
    Posted Apr 22, 2019 07:31 PM

    The gateway itself can be configured to work as a proxy,

    Publish Reverse Web Proxy - CA API Gateway - 9.4 - CA Technologies Documentation 

  • 3.  Re: Oauth as proxy

    Posted Apr 23, 2019 10:55 PM

    Hey, thanks for the response. But in my scenario i'm looking for OTK services to work as proxy and i don't want to create any extra service. is there a way i could configure whole OTK to route all the request to another internal OTK on different gateway?

  • 4.  Re: Oauth as proxy

    Broadcom Employee
    Posted Apr 24, 2019 12:32 AM

    OTK services are designed for oauth authorization, it cannot work as proxy. 

    A proxy is to connect between a client and a server, the OTK is running as oauth server, it doesn't make sense to run as a proxy.

  • 5.  Re: Oauth as proxy

    Posted Apr 25, 2019 07:26 AM

    Hi, Let me provide detailed description . 

    our Scenario has two gateways with one acting as external and the other as internal gateway, now in a same way external gateway has OTK & it is the first point of interaction with any outside application, so application will be hitting external OTK for any kind of oauth related operation. Now we do not want to perform any kind of Oauth operation on external OTK except accepting request from applications & forwarding them to internal OTK(gateway) where all the Oauth  operation will be performed as in token generation,validation etc. 


    Does this scenario make sense? please provide any inputs on achieving this scenario.


  • 6.  Re: Oauth as proxy

    Broadcom Employee
    Posted Apr 28, 2019 07:55 PM

    Dear Jaykumar ,

    In your case, you can use the external gateway as reverse proxy(you don't need to install OTK on external gateway), and internal gateway is running as OTK server.


    Alternately, you can choose another option Joe Dascole provided below.




  • 7.  Re: Oauth as proxy
    Best Answer

    Broadcom Employee
    Posted Apr 25, 2019 07:36 AM

    Hi Jaykumar


    It sounds like you are looking for the dual gateway scenario described here:


    Dual Gateway Scenario - CA API Management OAuth Toolkit - 4.3 - CA Technologies Documentation 

  • 8.  Re: Oauth as proxy

    Posted Apr 26, 2019 09:19 AM

    Looks like you've found it for me :-D. thanks, this seems to be an option i've been looking for.