Hello
I have an API configured with OAuth to authorize access based on token provided and this works. However, I would also like to identify which user called the API. Is this possible? I have API Gateway version 10.3.
Regards,
Yunus Aswat.
Hi Yunus,
Can you please elaborate a bit more on the use case? Are you looking for passing the user details to API along with OAuth?
Regards.
Hello Prabaa,
Yes I do want the user details passed and authenticated in addition to OAuth (OR is there a way to relate the OAuth token back to the user who obtained it?). I want to log using the “Log Invocation” policy so that I can aggregate and report on who accessed the API.
Regards,
Yunus Aswat.
Hi Yunus,
You can use Basic Auth along with OAuth but you have to create a custom policy in Identify and Access to do this.
Hope it helps.
Regards.
Hello Praba,
Thank you for the information.
I now have the challenge of introspecting the MessageContext to pull out the OAuth token. There appears to be very little documentation available about MessageContext. Where can I find documentation about this? Also what jars do I need?
Regards,
Yunus Aswat.
Hi Yunus,
I believe you are trying to use the MessageContext variable. Please use the below documentation.
Regards.
This topic was automatically closed after 1083 days. New replies are no longer allowed.