Layer 7 API Management: OAuth Toolkit Hard-coded Ports
Article ID: 77512
Updated On:
Products
STARTER PACK-7
CA Rapid App Security
CA API Gateway
Issue/Introduction
There are times when the default port of 8443 is undesirable when using the OTK. Such is the case when a load balancer is fronting the Gateway and communicates over port 443.
How can the hard-coded port, 8443, be modified in the OTK policies?
How can the hard-coded port, 8443, be modified in the OTK policies?
Environment
Release:
Component: APIESM
Component: APIESM
Resolution
There are several policies that contain the hard-coded port. Depending on your needs you will need to modify these policies to remove the port. Open each policy and use the policy search to locate context variables containing '8443'.
For OTK 4.0 and newer some of these policies are read-only. You will need to copy the variables from the base policy into the corresponding hash policies, ie: #OTK Variable Configuration.
OTK Authorization Server Configuration
OTK Variable Configuration
OTK Client Context Variables
OTK id_token configuration
OAuth 2.0 Client - authorization_code
OAuth 2.0 Client - ropc
OAuth 2.0 Client - SAML-Bearer
OAuth manager config
OTK OVP Configuration
OTK Storage Configuration
For OTK 4.0 and newer some of these policies are read-only. You will need to copy the variables from the base policy into the corresponding hash policies, ie: #OTK Variable Configuration.
OTK Authorization Server Configuration
OTK Variable Configuration
OTK Client Context Variables
OTK id_token configuration
OAuth 2.0 Client - authorization_code
OAuth 2.0 Client - ropc
OAuth 2.0 Client - SAML-Bearer
OAuth manager config
OTK OVP Configuration
OTK Storage Configuration
Additional Information
For 4.x, please reference the documentation located here: https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-management-oauth-toolkit/4-4/customizing-the-oauth-toolkit/set-an-alternative-https-port.html
Feedback
Yes
No
Powered by
