OAuth specific Implementation
Article ID: 238316
Updated On:
Products
Issue/Introduction
My question was related to sending scope along with client credentials.
Does CA API have the capability to issue different access_token upon receiving scope along with clientID & Client secret
Environment
Release : 10.1
Component : API GATEWAY
Resolution
Yes
The docs show how to register a client from the registration you can add the scope, after this you can add more keys
After creating the new client click List keys
To added additional keys click add keys
Click List Keys, in this example create 2 keys for the same client and scope
To retrieve a token POST to the endpoint include the scope:
https://<gateway>:8443/auth/oauth/v2/token?client_id=<client_ID_Value>&client_secret=<Client_secret_Value>&grant_type=client_credentials&scope=Myscope
Example output
{
"access_token": "40323365-f29e-4ea6-92bf-15fb85e8a6ae",
"token_type": "Bearer",
"expires_in": 3600,
"scope": "Myscope"
}
Feedback
