Skip to main content
Feedback

Usage

  • The client app is responsible for acquiring the OIDC token upfront.

  • The client app must pass the Cloud API Management key in the request and the OIDC ID token in the 'Authorization' header.

  • You must configure an optional unique UserInfo endpoint for geo-distributed OAuth2.0 authorization server.

    For example, the France region may have a different UserInfo endpoint than the Switzerland or USA regions. Conditional UserInfo endpoints can be configured and selected based on additional metadata, like custom headers in the API request.

  • One service endpoint should have fewer than ten regions to the UserInfo endpoint mappings.

  • Optional configuration to to enrich header with values from UserInfo endpoint JSON response on successful UserInfo must be configured.

    • Configurable JSONPath expression to find a value from a JSON response.

    • The connector supports UTF-8 for internationalization and special characters such as "Claes Rosenlöf" when injecting the header value.

    • An unmatched JSONPath expression that does not find a value in the UserInfo endpoint response is silently ignored. The header is not injected in the API request.

    • Connector supports a finite number of HTTP headers, fewer than ten headers configured, to enrich API request headers.