API Connect

API Connect

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only
Back to discussions
Expand all | Collapse all

Obtain token from APIC instead of 3rd party OAuth Server

  • 1.  Obtain token from APIC instead of 3rd party OAuth Server

    Posted Tue December 26, 2023 02:13 AM

    After configured third party OAuth provider in API Connect, how client applications can get token from APIC instead of getting token from third party OAuth server? 

    When configuring third party OAuth provider in APIC, we also configured Token URL (see below screenshot). So I believe client applications can get token from APIC right?   



    ------------------------------
    Guo Jun Qiao
    ------------------------------


  • 2.  RE: Obtain token from APIC instead of 3rd party OAuth Server

    Posted Wed December 27, 2023 10:38 AM

    Hi, 


    No client applications can't get tokens from APIC in this scenario. (Third Party OAuth Provider).

    They will need to use the third-party OAuth server directly for these operations.

    APIC will be the enforcement point, so it will perform token validation to protect access to the API resource. 

    If you want client applications to get tokens from APIC, you need to use the native OAuth provider scenario.



    ------------------------------
    Jeroen Willems
    Integration Architect - Managing Partner
    Integration Designers
    ------------------------------

    Original Message


Related Content