Apigee - 4MV4D - Secure your APIs using OAuth 2.0 Resource Owner Password Credentials - S24E08
Комментарии:
Hi Anil,
I used below code in a policy to generate token and passing the parameters required in form data:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<OAuthV2 name="GetAccessToken">
<Operation>GenerateAccessToken</Operation>
<ExpiresIn>180000</ExpiresIn>
<SupportedGrantTypes>
<GrantType>password</GrantType>
</SupportedGrantTypes>
<Scope>request.formparam.scope</Scope>
<GrantType>request.formparam.grant_type</GrantType>
<UserName>request.formparam.username</UserName>
<PassWord>request.formparam.password</PassWord>
<GenerateResponse/>
</OAuthV2>
I used below code in securing api(mock) oauth2 policy
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<OAuthV2 async="false" continueOnError="false" enabled="true" name="OA-VerifyToken-RO">
<DisplayName>OA-VerifyToken-RO</DisplayName>
<Properties/>
<Attributes/>
<ExternalAuthorization>false</ExternalAuthorization>
<Operation>VerifyAccessToken</Operation>
<Scope>IP</Scope>
<SupportedGrantTypes>password</SupportedGrantTypes>
<GenerateResponse enabled="true"/>
<Tokens/>
</OAuthV2>
Even though i passed scope as IP in a call to generate token, i recieved scope as null in the response.
When i passed the access token to api (mock), i am receiving the teps.oauth.v2.InsufficientScope error. Please guide me.
Thank you , i was looking for this video, but couldn't find it , now its here.
Ответить
