webMethods Developer Portal: trying out an OAuth2-protected API

Introduction

In this tutorial you will learn how to request an OAuth token in order to try out an OAuth2-protected API from the webMethods Developer Portal try-out page.

Pre-requisite

The tutorial assumes that the reader has:

  • a basic understanding of API Gateway, its policy enforcement, and webMethods Developer Portal
  • a basic knowledge of the OAuth 2 authorization framework

This tutorial covers the basics of setting up the OAuth2 authorization server in API Gateway. For more details, refer to the tutorial "OAuth2 in API Gateway".

Steps to follow

Step 1: Enable HTTPS port in API Gateway

By default, the OAuth2 token request can be invoked over HTTPS only. To ensure that an HTTPS port is enabled, go to Administration → Security → Ports.

Step 2: Configuring local authorization server in API Gateway

Go to Administration → Security → JWT/OAuth/OpenID.

Under internal authorization servers, the local authorization server is the gateway itself acting as the authorization server. Click on local. You can see the OAuth configuration, the issued OAuth tokens, and the OAuth scopes.

OAuth scopes: Scopes are a way to limit access to the protected resources. Scopes usually correspond to business uses (for example readonly, write, inventory). You can define your own scopes here. A scope is mandatory for mapping an API or resource, so I'll create a scope called Tracker.

Step 3: Importing an API into API Gateway and Enforcing OAuth 2

Let me import an API that gets the latest bitcoin price.

Edit the API in API Gateway: click Edit, then Identity and Access management, then the Identify and authenticate icon, and tick OAuth2 Token. This enforces OAuth authorization for this service.

Then activate the API.

Step 4: Linking authorization server scopes to the API Scopes

Now the authorization server has the scope Tracker. To give the authorization server scope a meaning, go to OAuth/OpenID scopes under the main menu and click “Map scope”.

Add the authorization server scope.

Then add the API.

Step 5: Registering webMethods Developer Portal in API Gateway

Go to Administration → Destinations → API Portal → Configurations. Provide the webMethods Developer Portal communication details and publish. Note that the OAuth2 token request works only over an HTTPS connection, so make sure you provide the HTTPS URL of API Gateway.

Next, publish the API.

Step 6: Request an Application for an API from webMethods Developer Portal

Log in to webMethods Developer Portal. You should see the published API. Click the API, then click the Consume button to request a new application.

The request creates an application in API Gateway, and the credentials are shared with webMethods Developer Portal.

Step 7: Requesting an OAuth token and trying out an API

Now that we have an application, go to the try-out page of the API and select the application to request an OAuth token.

Click the ‘+’ button. Select the required grant type and scope, then click Get token.

A popup appears listing the services to which you want to give access.

Once it is approved, the page closes automatically and you can view the token in webMethods Developer Portal. If you now click the Send button, you will be able to access the API.
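
The client side of an authorization code grant (RFC 6749) for the scope Tracker, as an added example that is not webMethods code: it refuses non-HTTPS endpoints, as the gateway requires, and checks the state value before accepting the code returned after approval. The gateway host, both endpoint paths, the client credentials and the redirect URI are placeholders and assumptions; nothing is sent over the network.

```python
import base64
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit
from urllib.request import Request

# Placeholders (assumptions): take the real endpoints from your own gateway.
AUTHORIZE_URL = "https://gateway.example.com/AUTHORIZE_ENDPOINT_PLACEHOLDER"
TOKEN_URL = "https://gateway.example.com/TOKEN_ENDPOINT_PLACEHOLDER"


def require_https(url):
    """Reject any endpoint that is not HTTPS before credentials are attached."""
    if urlsplit(url).scheme != "https":
        raise ValueError(f"OAuth2 endpoint must use https: {url}")
    return url


def build_authorize_url(client_id, redirect_uri, scope, state):
    """Authorization request (RFC 6749, 4.1.1) that leads to the approval popup."""
    query = urlencode({"response_type": "code", "client_id": client_id,
                       "redirect_uri": redirect_uri, "scope": scope, "state": state})
    return f"{require_https(AUTHORIZE_URL)}?{query}"


def code_from_callback(callback_url, expected_state):
    """Return the authorization code only if the state matches the one we sent."""
    params = parse_qs(urlsplit(callback_url).query)
    if "error" in params or "code" not in params:
        raise ValueError("authorization was not granted")
    returned = params.get("state", [""])[0]
    if not hmac.compare_digest(returned.encode(), expected_state.encode()):
        raise ValueError("state mismatch, discarding response")
    return params["code"][0]


def build_token_request(code, client_id, client_secret, redirect_uri):
    """Token request (4.1.3): client credentials in Basic auth, form-encoded body."""
    body = urlencode({"grant_type": "authorization_code", "code": code,
                      "redirect_uri": redirect_uri}).encode()
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    return Request(require_https(TOKEN_URL), data=body, method="POST",
                   headers={"Authorization": f"Basic {basic}",
                            "Content-Type": "application/x-www-form-urlencoded"})


if __name__ == "__main__":
    state = secrets.token_urlsafe(16)  # fresh, unguessable value per request
    print(build_authorize_url("CLIENT_ID", "https://portal.example.com/cb", "Tracker", state))
```

The access token in the response to this request is what the try-out page then sends as `Authorization: Bearer <token>` when you click Send.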