Editing a native OAuth provider by using the API Editor

You can edit the source and assembly policies for the Native OAuth Provider using the API editor.

About this task

If you have configured an OIDC template, you can customize it in API Editor. In the API Editor, the Source tab allows you to edit the code for the configuration using a text editor. The API Assemble tab provides a graphical drag-and-drop editor (identical to the one in API Manager) that allows you to add additional elements to the assembly for the OAuth Provider.

Note: Take care when modifying the code directly on the Source tab of the API Editor because validation is limited. For example:
  • If you change the name of auto generated assembly actions in the source code, the assembly will be prevented from updating dynamically when the OAuth provider settings are modified.
  • You must ensure that the OAuth provider name matches the value specified in the oauth-provider-settings-ref field in each OAuth assembly action.

One of the following roles is required to configure tokens for a native OAuth Provider:

  • Organization Administrator
  • Owner
  • Custom role with the Settings > Manage permissions

You can modify the native OAuth provider configuration by selecting the API Editor page immediately on completion of the creation operation detailed in Configuring a native OAuth provider, or you can update the configuration for an existing native OAuth provider. If you want to update the configuration for an existing native OAuth provider, complete the following steps before following the procedure described in this topic:

  1. Click Resources icon Resources > OAuth Providers.
  2. Select the required native OAuth provider.

Procedure

  1. Click API Editor in the sidebar menu.
  2. In the Source tab, view and edit the policies to customize the behavior for the OAuth provider.
  3. In the API Assemble tab, use the drag and drop editor to add additional policies to the OIDC behavior.
    Note: If you add a policy that references a TLS profile, an invoke policy for example, then when you publish an API that uses this OAuth provider, you must ensure that the TLS profile is enabled for the Catalog to which you publish the API. For details on how to enable a TLS profile in a Catalog, see Creating and configuring Catalogs.
  4. Save the edits.
  5. Click Save when done.

Results

You can use the OAuth Provider to secure the APIs in a catalog.