Adding an OAuth assembly action

The OAuth assembly action defines the requested OAuth processing based on OAuth provider settings.

About this task

The OAuth assembly action can retrieve OAuth provider settings by using the following methods in increasing order of precedence.
  1. A valid OAuth provider settings configuration from which to retrieve its properties as the default OAuth provider settings.
  2. A literal string as serialized XML or JSON properties as OAuth provider settings. These properties take precedence over any existing default properties.
    • The XML form of the string is as follows.
      <OAuthProviderSettings><property>value</property></OAuthProviderSettings>
    • The JSON form of the string is as follows.
      { \"OAuthProviderSettings\" : { \"property\" : value } }
    For more information, see the oauth-provider-settings-ref command.
  3. A string that represents a named context or a URL that represents a named context from which to retrieve the serialized XML or JSON properties as parse settings. These properties take precedence over any existing literal or default properties.
You can configure the action to support one or more of the following processing components.
Validate request
Validates the authorization request from the client.
Generate authorization code
Generates the authorization code for the client, which represents the resource owner's authorization that grants access to the requested resource.
Verify authorization code
Verifies the authorization code from the client.
Verify refresh token
Verifies the refresh token that is presented by the client.
Generate access token
Generates the access token to the client when the authorization code or refresh token is verified.
Introspect token
Introspects the token to determine its state. When active, its metadata.

When the action does not support a processing component but that processing is requested, the unsupported component is not run.

The correlation path indicates the part of the API definition that correlates with the assembly action. This path is included in the debug data for use by debugging tools. For example, when an API configuration is specified in an OpenAPI document with gateway extensions, this path is the JSON path to the policy in the IBM extensions section of the document. The path can be expressed in any form that the debugging tool can correlate to the API definition.

Procedure

  1. In the search field, enter oauth.
  2. From the search results, click OAuth assembly action.
  3. Click Add.
  4. Define the basic properties: Name, administrative state, descriptive summary, title, and correlation path.
  5. Optional: Define how to retrieve OAuth provider settings.
    • Specify a URL to a document that contains serialized XML or JSON properties.
    • Specify a literal string that contains serialized XML or JSON properties.
    • Specify an existing OAuth provider settings configuration.
  6. Specify the supported OAuth processing components.
  7. Click Apply to save changes to the running configuration.
  8. Click Save to save changes to the persisted configuration.