Layer7 OAuth Toolkit: OTK Authorization Server Configuration Details
search cancel

Layer7 OAuth Toolkit: OTK Authorization Server Configuration Details

book

Article ID: 140262

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

The public documentation for the OAuth Toolkit provides a general overview of the OTK Authorization Server Configuration assertion.

However, some of the fields are not completely documented.

location_consent_server      
location_login_server        
otk_session_secret           
otk_session_secret_encryption
sessionIdCacheAge            

Ref:

https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-management-oauth-toolkit/4-6/customizing-the-oauth-toolkit/configure-the-authorization-server.html 

 

Environment

OAuth Toolkit 4.6

Resolution

Below are additional details for the variables set by this assertion

 

location_consent_server         

The server that is handling consent requests during response_type requests.

           i.e.: https://myserver.com:8443/auth/oauth/v2/authorize/consent

 

location_login_server            

The server that is handling login requests during response_type requests.

           i.e.: https://myserver.com:8443/auth/oauth/v2/authorize/login

 

otk_session_secret               

The secret used to sign the secure login session data, 

           ie: c9386fdf6ce74209950435db43157148

 

otk_session_secret_encryption    

The secret used to encrypt the secure login session data, 

 

           ie: c9386fdf6ce74209950435db43157148

 

sessionIdCacheAge                

Used for the internal session. During this period a request can be authorized 

 

Powered by Wolken Software