Overview of Cloud API Management OAuth2 Backend Authentication Adaptor

The connector allows you to secure target requests using OAuth access tokens obtained from customer-provided OAuth token endpoint details. It caches the obtained OAuth token to reduce the number of OAuth calls for every target request, improving performance and efficiency during subsequent requests.

Description

• This feature secures APIs using access tokens obtained from a customer-specified OAuth Token Server Endpoint

• The adaptor first checks the cache for an existing access token. If found, it uses this token to augment the target request with the authorization request header.

• If the access token is not present, the adaptor requests one from the configured token endpoint and caches the provided token.

• If introspection details are provided in the post-process, the adaptor also introspects the token to obtain the updated TTL from the introspect response(Time To Live) and overrides the defaultTtL set in the cache during pre-processing.

• You must enable Post-processing even when introspect is not required for TTL and 401 error processing.

• The priority of the cached token TTL is expires_in received in the token endpoint, followed by expiry calculated by the introspect response, and then the defaultTtl.