Other OAuth processing

Other OAuth processing allows customization of the OAuth client’s default behavior.

You can use custom OAuth processing in the following situations.
  • Use the authorization_form operation to support selected scope-handling by the resource owner.
  • Use the authorization_request operation to provide custom handling after successfully generating a code for an authorization code grant.
  • Use the access_request operation to provide custom handling after successfully generating an access token.
  • Use the validate_request operation to make a validation request after successfully verifying an access token.
  • Use the resource_request operation to make a resource request after successfully verifying an access token but before the request is sent to the resource server.
  • Use the revoke_request operation to handle DataPower revocation grant types.
  • Use the check_revocation_request operation to check whether a token is successfully revoked.
  • Use the preapproved_check operation to verify whether the resource owner pre-approves an authorization request from the client.
  • Use the scope_override_request operation to override the scope that is requested by the application.
  • Use the miscinfo_request operation to add miscellaneous information to a token. The maximum number of characters in this information is 1024.