Layer7 API Management

 View Only
  • 1.  Using OTK Session Store as Cache

    Posted Nov 20, 2019 01:28 AM
    Hi,

    We have a use case where Gateway generates an OAuth token based on the incoming session token validation with a 3rd party system. The sessionToken is a JWT that will have a user id. When we generate the OAuth token, we want to be able to cache the User id alongside the Token so that the runtime calls can validate the token against the user invoking it. 
    The OOTB Gateway cache is specific to a node and therefore we wanted to use the OTK session store to achieve this as it persists to DB. Can you please let me know if there are any issues with this approach.


  • 2.  RE: Using OTK Session Store as Cache
    Best Answer

    Broadcom Employee
    Posted Nov 20, 2019 07:34 AM
    Hi Keshava,

    If you are using an external caching server, like redis or memcached, we have a tactical assertion that can be provided that will store to the cluster.
    Otherwise, it sounds like you have created a custom grant type here, is that right?

    If so, in that policy you could simply add the JWT (or extracted user id) to the token itself when it is generated. This would persist it along side the token.
    context variable properties


    OTK Generate OAuth Token Properties

    Access Token

    Hope this helps.

    Regards,
    Joe


  • 3.  RE: Using OTK Session Store as Cache

    Posted Nov 20, 2019 09:19 AM
    Hi Joe,

    We use OTK3.2 with Gateway 9.0. As of now I have not created a custom grant type as I wasnt sure how this could be achieved - I do not see a custom field option in this version of the OTK.

    We were planning to use OTK Session Store and OTK Session Get assertions on their own to store and retrieve values that we need.