Remove "resource" field from /auth/oauth/v2/token

Article ID: 258505


Updated On:

Products

CA API Gateway

Issue/Introduction

We use this token API to get the access token, but in the response we are seeing an additional field, "resource". We don't want the field. Can you please help us remove the "resource" field?

Gateway: version 10.1, OTK 4.6

{
    "access_token": "",
    "token_type": "Bearer",
    "expires_in": 3600,
    "scope": "oob",
    "resource": []
}

 

Environment

Release : 10.1

Resolution

We have a workaround: add a context variable.

For endpoint: auth/oauth/v2/token

OTK -> Server -> DMZ -> OAuth 2.0 -> TokenServer

auth/oauth/v2/token

For OTK 4.6:

Add a "Set Context Variable" at line 147, before "Return Template Responses to Requestor" (currently line 147), that sets a response excluding "resource":

clientResponse

{
  "access_token":"${at_token}",
  "token_type":"Bearer",
  "expires_in":${at_lifetime},
  "scope":"${scope.granted}"
}

 

The response changes from:

{
    "access_token": "6ecd2010-3aae-4320-b5a1-f8e338c49e7c-1674753306",
    "token_type": "Bearer",
    "expires_in": 3600,
    "scope": "oob",
    "resource": [
        "https://GatewayHost/*"
    ]
}

To:

{
    "access_token": "21de10ba-cbc4-4bfe-b086-4dfa8fef48a7-1674753275",
    "token_type": "Bearer",
    "expires_in": 3600,
    "scope": "oob"
}

 


 

 

Additional Information

NOTE: This is a workaround; it will get overwritten when OTK is updated.
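
Because the workaround is overwritten when OTK is updated, checking a token response after each update shows whether the stock template is back in effect. The following Python check is an added example, not part of the original article or of OTK. The name check_token_response and the sample bodies are constructed for illustration, and it assumes the response body has already been fetched from /auth/oauth/v2/token.

```python
import json
import re

# Fields emitted by the workaround template on this page, with expected JSON types.
EXPECTED = {"access_token": str, "token_type": str, "expires_in": int, "scope": str}
# Literal ${...} text in a value means template text reached the client unsubstituted.
UNEXPANDED = re.compile(r"\$\{[^}]+\}")


def check_token_response(body: str) -> list:
    """Return a list of findings; an empty list means the body matches the template."""
    try:
        doc = json.loads(body)
    except json.JSONDecodeError as exc:
        # If ${at_lifetime} were empty, the unquoted placeholder in the template
        # would render as '"expires_in":,' which is not valid JSON.
        return [f"invalid JSON: {exc.msg} at char {exc.pos}"]
    if not isinstance(doc, dict):
        return ["top-level value is not a JSON object"]
    findings = []
    for name, kind in EXPECTED.items():
        if name not in doc:
            findings.append(f"missing field: {name}")
        elif not isinstance(doc[name], kind) or isinstance(doc[name], bool):
            findings.append(f"wrong type for {name}: {type(doc[name]).__name__}")
        elif kind is str and UNEXPANDED.search(doc[name]):
            findings.append(f"unexpanded variable in {name}: {doc[name]}")
    for name in sorted(set(doc) - set(EXPECTED)):
        # "resource" reappearing here means the workaround was overwritten.
        findings.append(f"unexpected field: {name}")
    return findings


# Constructed sample bodies (token values are made up, not real tokens).
STOCK = ('{"access_token":"00000000-sample","token_type":"Bearer",'
         '"expires_in":3600,"scope":"oob","resource":["https://GatewayHost/*"]}')
PATCHED = ('{"access_token":"00000000-sample","token_type":"Bearer",'
           '"expires_in":3600,"scope":"oob"}')
EMPTY_LIFETIME = ('{"access_token":"00000000-sample","token_type":"Bearer",'
                  '"expires_in":,"scope":"oob"}')

if __name__ == "__main__":
    for label, body in [("stock", STOCK), ("patched", PATCHED),
                        ("empty lifetime", EMPTY_LIFETIME)]:
        print(label, "->", check_token_response(body) or "OK")
```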