Products
Applications
Support
Company
How To Buy
Skip to main content (Press Enter).
Sign in
Skip auxiliary navigation (Press Enter).
Register
Skip main navigation (Press Enter).
Toggle navigation
Search Options
Home
Communities
All Communities
Enterprise Software
Mainframe Software
Symantec Enterprise
Blogs
All Blogs
Enterprise Software
Mainframe Software
Symantec Enterprise
Events
All Events
Enterprise Software
Mainframe Software
Symantec Enterprise
VMware
Water Cooler
Groups
Enterprise Software
Mainframe Software
Symantec Enterprise
Members
Layer7 API Management
Private Community
View Only
Community Home
Threads
Library
Events
Members
Back to discussions
Expand all
|
Collapse all
sort by most recent
sort by thread
OAuth ToolKit APIs
Jump to
Best Answer
Diligent
Dec 12, 2019 09:52 AM
Hello, There is a list of APIs defined in swagger document: " https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-management-oauth-toolkit/4-3/apis-and-assertions/oauth-toolkit-apis.html ...
Joe Dascole
Dec 12, 2019 09:56 AM
Best Answer
Hi Ankush, You would need to disable the client cert check in the policies for the API. You can set ...
Diligent
Dec 13, 2019 10:05 AM
Hi Joe, These are API's are part of the OAuth ToolKit and I don't see them in the OTK installation ...
Joe Dascole
Dec 13, 2019 12:49 PM
Hi Ankush, The endpoints for the API's are published as wildcard services, so you will see /oauth/clientstore/* ...
1.
OAuth ToolKit APIs
0
Recommend
Diligent
Posted Dec 12, 2019 09:52 AM
Reply
Reply Privately
Options Dropdown
Hello,
There is a list of APIs defined in swagger document: "
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-management-oauth-toolkit/4-3/apis-and-assertions/oauth-toolkit-apis.html
".
Couple of them requires "
Authentication is done via SSL mutual authentication". I am trying to test them via Postman, is it possible to surpass "Authentication is done via SSL mutual authentication".
Also, I tried "
/oauth/clientstore/clientKeys/count". But got below error:-
Please advise.
Thanks !!
2.
RE: OAuth ToolKit APIs
Best Answer
0
Recommend
Broadcom Employee
Joe Dascole
Posted Dec 12, 2019 09:56 AM
Reply
Reply Privately
Options Dropdown
Hi Ankush,
You would need to disable the client cert check in the policies for the API. You can set this to false.
If you must do this, be very careful and only do this in a controlled testing environment as these are intended to be secured.
Otherwise, you can export the private key and import it to Postman for mutual auth.
Original Message
Original Message:
Sent: 12-12-2019 09:51 AM
From: ankush raj
Subject: OAuth ToolKit APIs
Hello,
There is a list of APIs defined in swagger document: "
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-management-oauth-toolkit/4-3/apis-and-assertions/oauth-toolkit-apis.html
".
Couple of them requires "
Authentication is done via SSL mutual authentication". I am trying to test them via Postman, is it possible to surpass "Authentication is done via SSL mutual authentication".
Also, I tried "
/oauth/clientstore/clientKeys/count". But got below error:-
Please advise.
Thanks !!
3.
RE: OAuth ToolKit APIs
0
Recommend
Diligent
Posted Dec 13, 2019 10:05 AM
Reply
Reply Privately
Options Dropdown
Hi Joe,
These are API's are part of the OAuth ToolKit and I don't see them in the OTK installation folder / Policies.
Ex:--
I tried importing gateway keys to the postman, but the error remains the same.
Thanks,
Ankush
Thanks !!
Original Message
Original Message:
Sent: 12-12-2019 09:56 AM
From: Joe Dascole
Subject: OAuth ToolKit APIs
Hi Ankush,
You would need to disable the client cert check in the policies for the API. You can set this to false.
If you must do this, be very careful and only do this in a controlled testing environment as these are intended to be secured.
Otherwise, you can export the private key and import it to Postman for mutual auth.
Original Message:
Sent: 12-12-2019 09:51 AM
From: ankush raj
Subject: OAuth ToolKit APIs
Hello,
There is a list of APIs defined in swagger document: "
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-management-oauth-toolkit/4-3/apis-and-assertions/oauth-toolkit-apis.html
".
Couple of them requires "
Authentication is done via SSL mutual authentication". I am trying to test them via Postman, is it possible to surpass "Authentication is done via SSL mutual authentication".
Also, I tried "
/oauth/clientstore/clientKeys/count". But got below error:-
Please advise.
Thanks !!
4.
RE: OAuth ToolKit APIs
0
Recommend
Broadcom Employee
Joe Dascole
Posted Dec 13, 2019 12:49 PM
Reply
Reply Privately
Options Dropdown
Hi Ankush,
The endpoints for the API's are published as wildcard services, so you will see /oauth/clientstore/*
The key that is used would need to be part of a Federated Identity.
Regards,
Joe
Original Message
Original Message:
Sent: 12-13-2019 10:04 AM
From: ankush raj
Subject: OAuth ToolKit APIs
Hi Joe,
These are API's are part of the OAuth ToolKit and I don't see them in the OTK installation folder / Policies.
Ex:--
I tried importing gateway keys to the postman, but the error remains the same.
Thanks,
Ankush
Thanks !!
Original Message:
Sent: 12-12-2019 09:56 AM
From: Joe Dascole
Subject: OAuth ToolKit APIs
Hi Ankush,
You would need to disable the client cert check in the policies for the API. You can set this to false.
If you must do this, be very careful and only do this in a controlled testing environment as these are intended to be secured.
Otherwise, you can export the private key and import it to Postman for mutual auth.
Original Message:
Sent: 12-12-2019 09:51 AM
From: ankush raj
Subject: OAuth ToolKit APIs
Hello,
There is a list of APIs defined in swagger document: "
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-management-oauth-toolkit/4-3/apis-and-assertions/oauth-toolkit-apis.html
".
Couple of them requires "
Authentication is done via SSL mutual authentication". I am trying to test them via Postman, is it possible to surpass "Authentication is done via SSL mutual authentication".
Also, I tried "
/oauth/clientstore/clientKeys/count". But got below error:-
Please advise.
Thanks !!
×
New Best Answer
This thread already has a best answer. Would you like to mark this message as the new best answer?
Copyright 2019. All rights reserved.
Powered by Higher Logic