Thanks Ronald for giving such low level explanation & helping such a way.
Question:)If I change the token expiry then whether it will change for all other API or client registered in OAuth manager or it will change for the particular client I registered for customization in OAuth manager. As for all the other client "expire_in:3600"
Question 2)Now your answer Step 1 & Step 2 is very clear & done.
For step 3 please give me postman script please as the CURL command I running in my local system in command prompt is not working.
The below postmen script work for me for getting access token without customization:
https://api.broadcom.com/auth/oauth/v2/token?grant_type=client_credentials&client_id=eb1f1156-1eea-477d-ab41-eda1ff86ee05&client_secret=fe473603-02bd-475b-9eg6-c758b064993g&scope=oob . PFB
Please help in inline comment :
Warm Regards,
Sanjeev
Original Message:
Sent: 05-14-2020 05:51 AM
From: Ronald Dsouza
Subject: OTK token lifetime customization
Okay
Step 1: In the policy manager search for the following keyword:
------------------------------
Pre-Sales Consultant
CA Southern Africa
Original Message:
Sent: 05-13-2020 12:07 PM
From: Sanjeev Yadav
Subject: OTK token lifetime customization
Thanks for help Ronald . May be m new in this so I not getting this.
1) I import the attached code in Policy Manager I heat through postman but did not get anything.
PFB:
PFB for postman:
Please tell me as follows:
1) If I change the lifetime for the token it will change for all the API or it will change for the particular API only for which I want to change the token lifetime?
2) The Code attachment you given after the piece of code I have to hit the OAuth manager or where it will route to get the token?
3) My requirement have to use "OTK Require OAuth 2.0 Token" & for that I register a client in OAuth Manager but need customization on
"expires_in": 86400, PFB my code screen shot & PFA of the code also.
Please help as I struggling since long & m very new with it .
Original Message:
Sent: 05-12-2020 06:54 AM
From: Ronald Dsouza
Subject: OTK token lifetime customization
In the OTK --> Customization Folder look for
#OTK_Token_Lifetime_Configuration
Update the policy with the XML file attached
and then do a postman script or CURL
curl --location --request POST 'https://<URLGW>/auth/oauth/v2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'username=<<userName>>' \
--data-urlencode 'password=<<userName>>' \
--data-urlencode 'scope=oob' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'client_id=<<Client_ID>>' \
--data-urlencode 'client_secret=<<Client_Secret>>'
This will give you token that is the expiry time period
Then when you make a request to your service as shown the screengrab.
Remove the part about custom_json (that the wrong location)
Make the request to you services
option 1: - either via http/s://<gatewayURL:[8080|8443]>/<servicePath>?access_token=<receivedToken>
option 2: Authorization header : bearer <receivedToken>
Please read this Guide:
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-management-oauth-toolkit/4-3/customizing-the-oauth-toolkit/client-specific-customization.html
------------------------------
Pre-Sales Consultant
CA Southern Africa
Original Message:
Sent: 05-11-2020 06:47 AM
From: Sanjeev Yadav
Subject: OTK token lifetime customization
as per the ref: link I prepare the service like below. Please suggest whether I should go like this way ?
Now how to configure the OAUTH manager for it & share with the consumer ?
Please assist with complete flow.
Original Message:
Sent: 05-11-2020 03:47 AM
From: Ronald Dsouza
Subject: OTK token lifetime customization
Hi Sanjeev,
This article should assist you
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-management-oauth-toolkit/4-3/customizing-the-oauth-toolkit/client-specific-customization.html
Ref:
https://community.broadcom.com/enterprisesoftware/communities/community-home/digestviewer/viewthread?GroupId=1255&MessageKey=219962e7-1222-4589-903e-aaa002ba9d94&CommunityKey=0f580f5f-30a4-41de-a75c-e5f433325a18&tab=digestviewer
------------------------------
Pre-Sales Consultant
CA Southern Africa
Original Message:
Sent: 05-10-2020 11:36 AM
From: Sanjeev Yadav
Subject: OTK token lifetime customization
Hi Joe,
Few question on the top of it.
1)I need to share the url for generating the token of OAUTH manager like below?
https://ouroauthm.sectet.com/auth/oauth/v2/token?grant_type=client_credentials&client_id=c0e20a35-at65-45f8-b5h7-ad30ea4a2994&client_secret=da4f0750-6249-40f2-97g9-a9a543062rt5&scope=default
in response we get the response like below:
{
"access_token": "cfa08f98-edc7-7557-b8d8-5bf03ef630b0",
"token_type": "Bearer",
"expires_in": 3600,
"scope": "oob"
}
How to configure the oauth manager thus I can get "expires_in": 86400,
2) I have to customize the token life time for a spefic API. If I customize the variable for changing token life time then it will change for all other API also?
Please assist as it's urgent if possible give me sample code.
Regards,
Sanjeev
Original Message:
Sent: 05-10-2020 12:43 AM
From: Joe Dascole
Subject: OTK token lifetime customization
Hi Sanjeev,
The below doc details how to change the default lifetime values for the access token.
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-management-oauth-toolkit/4-4/customizing-the-oauth-toolkit/configure-token-lifetime-properties.html
Original Message:
Sent: 05-08-2020 11:53 AM
From: Sanjeev Yadav
Subject: OTK token lifetime customization
How to configure OAuth Manager that the token remain valid for 1 hour. instead of 3600 sec.
I register a client in Oauth Manager & share the URL with the source system like below:
https://ouroauthm.sectet.com/auth/oauth/v2/token?grant_type=client_credentials&client_id=c0e20a35-at65-45f8-b5h7-ad30ea4a2994&client_secret=da4f0750-6249-40f2-97g9-a9a543062rt5&scope=default
I want the "expires_in": 86400 sec,. Configure the below mentioned property but did not get the "expire_time=8600" it remain as "expires_in": 3600,PFB:
"lifetimes":{
"oauth2_access_token_lifetime_sec":86400,
"oauth2_refresh_token_lifetime_sec":432000
}
{
"access_token": "cfa08f98-edc7-7557-b8d8-5bf03ef630b0",
"token_type": "Bearer",
"expires_in": 3600,
"scope": "oob"
}
How can I reset the value "expires_in":86400?
Using "OTK Require OAuth 2.0 Token" assertion.
The requirement is from source system via OAuth I have to route to target system. I register a client in oauth manager & share the url to source system.Source system hitting the URL & pass to token to layer 7 which valid for 1 hour. Now as per the requirement we have to extent the token validity to 24 hour.
Please assist