OAuth 2.0 Policy Xpress - Sending credentials via body instead of header
Article ID: 377034

Products

CA Identity Suite

Issue/Introduction

Using a PX (Policy Xpress) Action Rule with REST OAuth 2.0 Client Credentials, we are attempting to validate whether Identity Manager can send a PX Business Rule to an external REST API using OAuth 2.0 client credentials instead of Basic Authentication.

Using the external testing tools Postman and curl, we can confirm that we can send a REST query when the client ID and client secret are sent within the header.

Attempting to emulate this behavior with a PX Action Rule, we have decoded its body. This PX Rule is sending the client ID and client secret as a base64 body.

We have attempted to override this behavior with the PX REST API HTTP header (add-on feature), but this seems to not be honored.

We suspect there is an issue with the PX REST Query API honoring headers.

Cause

This is a product limitation. Identity Manager Policy Xpress currently does not support Client Authentication with Basic Auth in OAuth 2.0.
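
The two ways a client can present its credentials on a client-credentials token request (RFC 6749 section 2.3.1) are shown below, with a helper that reports which one a captured request uses. This is an added example, not Broadcom or Policy Xpress code; the function names and the sample client ID and secret are constructed for illustration.

```python
import base64
from urllib.parse import parse_qs, quote_plus, urlencode

FORM = "application/x-www-form-urlencoded"

def basic_auth_request(client_id, client_secret):
    """Credentials in the Authorization header (HTTP Basic)."""
    # RFC 6749 2.3.1: form-urlencode each value, join with ':', then base64.
    pair = f"{quote_plus(client_id)}:{quote_plus(client_secret)}"
    token = base64.b64encode(pair.encode()).decode()
    headers = {"Authorization": f"Basic {token}", "Content-Type": FORM}
    return headers, urlencode({"grant_type": "client_credentials"})

def body_auth_request(client_id, client_secret):
    """Credentials as form fields in the request body."""
    body = urlencode({"grant_type": "client_credentials",
                      "client_id": client_id,
                      "client_secret": client_secret})
    return {"Content-Type": FORM}, body

def classify_client_auth(headers, body):
    """Report where a captured token request carries the client credentials."""
    found = []
    auth = {k.lower(): v for k, v in headers.items()}.get("authorization", "")
    scheme, _, value = auth.partition(" ")
    if scheme.lower() == "basic" and value:
        try:
            decoded = base64.b64decode(value, validate=True).decode()
        except ValueError:  # bad base64 or non-UTF-8 bytes
            decoded = ""
        if ":" in decoded:
            found.append("header")
    fields = parse_qs(body)
    if "client_id" in fields and "client_secret" in fields:
        found.append("body")
    return found or ["none"]

if __name__ == "__main__":
    # Constructed sample credentials, not real values.
    cid, secret = "example-client", "p@ss word"
    for build in (basic_auth_request, body_auth_request):
        headers, body = build(cid, secret)
        print(build.__name__, classify_client_auth(headers, body))
        print("  headers:", headers)
        print("  body:   ", body)
```

Feeding `classify_client_auth` the headers and body captured from a client shows which form the token endpoint actually receives. RFC 6749 recommends the header form and allows the body form for clients that cannot use HTTP Basic.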

Resolution

Not currently supported, but you may consider submitting a product enhancement request:

https://broadcomcms-software.wolkenservicedesk.com/external/article?articleNumber=44090