API Gateway: OTK Client Type (confidential -vs- public)
Article ID: 189575
Updated On:
Products
CA API Gateway
Issue/Introduction
With respect to OTK, which policy checks if a client type is Public or Confidential?
Environment
Layer 7 Management OAuth Toolkit: 4.3.X
Resolution
The OTK Client Validation policy is the policy where we are checking the client type.
Once a client is registered, using the OTK Manager Client DB GET, we are getting the details of the clients which are registered. For that we are using getAll and storing in a clientstore. Using the result of the clientstore, the OTK Client Validation policy is validating the client type.
Once a client is registered, using the OTK Manager Client DB GET, we are getting the details of the clients which are registered. For that we are using getAll and storing in a clientstore. Using the result of the clientstore, the OTK Client Validation policy is validating the client type.
Additional Information
We adhere to the rules and principles outlined by OAuth: https://tools.ietf.org/html/rfc6749
Feedback
Yes
No
Powered by
