I was looking through a blog post on the Oauth-introspect stanza in Webseal which allows Webseal to introspect a bearer token with an external provider and provide access to protect resources-
However I am missing the part on how to protect the junction so that it can use this flow . The blog post says the oauth-introspection can be configured for a particular junction but is there an additional POP that is needed?
I basically have a currently unprotected junction that I want to protect - ie users will request this junction with a bearer token and looking to see if Webseal can introspect this with an external ( another ISAM domain ) provider and allow access if the introspect returns active .
OAuth: WebSEAL and Cloud Identity------------------------------
Y V
------------------------------