Layer7 API Management

 View Only

Policy Repository: Retrieve OAuth Token Encapsulated Assertion 

Aug 17, 2018 04:00 PM

A simple encapsulated assertion utilizing the Client Credentials grant type in OAuth. This should work well with our own OTK and other providers that utilize this grant.

If no values are supplied to the encapsulated assertion it will default to the OTK install and test client id/secret. If the test clients are not installed and not custom values supplied it will result in an error.


To customize:

1) Import the policy (Policy manager -> Tasks -> Extensions and add-ons -> Manage Encapsulated Assertions)

2) Click the import button and browse to the XML

3) Create a new service and add the 'RetrieveOAuthToken' assertion 

4) Optionally specify the client id, client secret, redirect uri, authorization server, token server and scope(s)


You will notice the authorization server is included despite not being needed with this grant type... why?

Because I hope to expand on this policy to handle the other grant types as well. I wanted to start small and help build this out.


Please feel free to share your feedback, did something not work right? something you want to improve on?

0 Favorited
1 Files
zip file   2 KB   1 version
Uploaded - May 29, 2019

Tags and Keywords

Related Entries and Links

No Related Resource entered.