When running CA Access Gateway (SPS), one might like to know whether
there is an OAuth Authentication Scheme in 12.8. This would be useful
to federate legacy application access with OAuth, without using SAML
Federation.
At first glance, the OAuth Authentication Scheme has been deprecated
since Policy Server 12.6 (1).
Now, it seems that API Gateway provides a toolkit to protect your
application with OAuth (2), and a Communities thread gives some details
about its implementation (3).
To get "a cleaner way to create an authentication scheme to use an
OAuth or OIDC flow", we invite you to open an Enhancement Request (Idea):
1. Go to the "All Ideas" page:
https://community.broadcom.com/ideation/allideas
2. Click on the "Add" button.
3. In "Select categories...", select "Symantec Access Management".
4. Write a title in the "title" box.
5. Write a complete description of the Enhancement Request or
Certification you'd like to post.
6. Click on "Save" to submit the Idea.
(1)
Deprecated Authentication Schemes
The following authentication schemes are no longer supported:
OAuth
https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-6-01/release-notes/changes-to-existing-features/policy-server-changed-features.html
(2)
OAuth Toolkit
It is a complete OAuth implementation that includes:
- An authorization server that supports various types of handshaking with API-consuming applications
- A resource server that protects access to APIs at runtime
- A token management system which can be deployed in a distributed architecture.
https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-gateway/10-0/apis-and-toolkits/oauth-toolkit.html
(3)
Layer7 API Gateway OAuth - using CA Siteminder/SSO as external login
https://community.broadcom.com/communities/community-home/digestviewer/viewthread?MessageKey=1e6d9c81-a2c3-4321-a224-9bbc5f5dfc83#bm1e6d9c81-a2c3-4321-a224-9bbc5f5dfc83