Overview of Cloud API Management OAuth2 Backend Authentication Adapter

important

The Cloud API Management OAuth2 Backend Authentication adapter is currently supported only in Boomi Cloud API Management. Support for this adapter in Boomi Cloud API Management - Local Edition is planned for a future release.

The adapter allows you to secure target requests using OAuth access tokens obtained from customer-provided OAuth token endpoint details. It caches the obtained OAuth token to reduce the number of OAuth calls for every target request, improving performance and efficiency during subsequent requests.

Description

• This feature secures APIs using access tokens obtained from a customer-specified OAuth Token Server Endpoint

• The adapter first checks the cache for an existing access token. If found, it uses this token to augment the target request with the authorization request header.

• If the access token is not present, the adapter requests one from the configured token endpoint and caches the provided token.

• If introspection details are provided in the post-process, the adapter also introspects the token to obtain the updated TTL from the introspect response(Time To Live) and overrides the defaultTtL set in the cache during pre-processing.

• You must enable Post-processing even when introspect is not required for TTL and 401 error processing.

• The priority of the cached token TTL is expires_in received in the token endpoint, followed by expiry calculated by the introspect response, and then the defaultTtl.