CA API Developer Portal: Customize OAuth Error Response
Article ID: 118915
Updated On:
Products
CA API Gateway
Issue/Introduction
When a Portal-published API is protected with OAuth, the HTTP status returned is generic, i.e. 400 Bad Request. How can this be set to the actual return code, such as 401 Unauthorized?
Environment
Release:
Component: APIMBL
Resolution
The error is returned in the "Standard Policy Template Fragment - OAuth 2.0" template, specifically by the 'Customize Error Response' assertion.
To change this to the response provided by the 'OTK Require OAuth 2.0 Token' assertion, follow the steps below. This assertion is responsible for accepting and validating tokens, and it outputs a variable ${Status} containing the error code returned.
1) Find the 'Customize Error Response' assertion located near line 126 in the policy
2) In the assertion properties change the field "Response HTTP Status" to ${status}
3) Save and activate the policy
4) Now right click on the "Standard Policy Template Fragment - OAuth 2.0" encapsulated assertion and select 'Encapsulated Assertion Properties'
5) In the Outputs section, add the name Status