Defining OAuth2 security scheme components
An OAuth2 security scheme component defines the settings for controlling access to the API operations through the OAuth authorization standard.
Before you begin
Before you can create an OAuth2 security scheme component, you must:
- Create an OAuth provider.
- To use Cloud Manager, see Configuring a native OAuth provider or Configuring a third-party OAuth provider.
- To use API Manager, see Configuring a native OAuth provider or Configuring a third-party OAuth provider.
- Add the OAuth provider to a catalog. If you have not created any catalogs, use the Sandbox Catalog. See the OAuth instructions step in Creating and configuring Catalogs.
About this task
Note:
- This task relates to configuring an OpenAPI 3.0 API definition. For details on how to configure an OpenAPI 2.0 API definition, see Editing an OpenAPI 2.0 API definition.
- OpenAPI 3.0 APIs are supported only with the DataPower® API Gateway, not with the DataPower Gateway (v5 compatible).
- For details of current OpenAPI 3.0 support limitations, see OpenAPI 3.0 support in IBM® API Connect.
You can complete this task either by using the API Designer UI application, or by using the browser-based API Manager UI.
To make use of an OAuth2 security scheme component, you must reference it from elsewhere in your API definition. For more information, see Enforcing security requirements on an API and Enforcing security requirements on an operation.
At any time, you can switch directly to the underlying OpenAPI YAML source by clicking the Source icon . To return to the design form, click the Form icon .