OAuth 2.0 Access Tokens API
Apigee Edge uses access tokens to define a user's permissions for modifying and using a specific API. When you apply OAuth 2.0 to the API, Edge checks the request for an access token. If an access token is present, and the API is within the scope of the access token, you are allowed to access the API. Prerequisites to use this API call are:
- The API provider has created an organization.
- You are a registered developer.
- You have created an app.
- You have a valid consumer key.
- An access token has been generated.
Resource Types
AccessToken
Method | Endpoint | Description |
---|---|---|
get | /organizations/{org_name}/oauth2/search | Gets an OAuth2 access token by end user ID, developer app ID, or both. Notes:
Search by app ID
All OAuth2 access tokens generated by Edge include the ID of the developer app associated with the token, and you can search for tokens based on that ID using this API. To get a list of developer app IDs for a specific developer, see List developer apps.
Search by end user ID
In some cases, you may wish to search for tokens based on the ID of the user to whom the token was issued (the actual user of the client app). This ID has to be available as a flow variable when the token is generated by the OAuthV2 policy. You can pass this ID as a query parameter or in a header with the access token request, or you can retrieve it from an external identity provider, as may be the case with the password grant type. For example, you may wish to provide a way for users to discover which third-party apps they've authorized and to revoke their own access tokens for those apps. To search for tokens by user, you must first configure the OAuthV2 policy to insert a user ID into the token when it is created. This setup is described in Enable retrieval and revocation of OAuth 2.0 access tokens by end user ID, app id, or both.
Use start and next to navigate through multiple pages of results
When the number of access tokens returned exceeds the
For example, let's say your first call returns the following response payload:
Note that the request limited the results returned per page to 10 and that the total number of results is 100. You need a way to navigate through nine more pages of results to see all 100 results. To do this, make another call with the
See the response payload below:
Note that this next page of 10 results shown above starts with the access token requested by the
You can page through each set of results by repeating this pattern of calls.
Response error details
The following describes common errors and what they mean.
|
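The start/next paging pattern described above, as an added example that is not part of the original page or Apigee's own code. Only `start` and `next` come from the page; the query parameter names `limit`, `enduser` and `app`, the response fields `list`, `meta.next` and `meta.total`, and the `fetch` callable and in-memory fake endpoint are assumptions made so the loop can run offline.

```python
from typing import Callable, Dict, Iterator, List, Optional

# ASSUMED response shape (the page's sample payloads are missing):
#   {"list": ["<token>", ...], "meta": {"limit": 10, "next": "<token>", "total": 100}}
Fetch = Callable[[Dict[str, str]], dict]  # hypothetical: does GET .../oauth2/search


def iter_tokens(fetch: Fetch, enduser: Optional[str] = None, app: Optional[str] = None,
                limit: int = 10, max_pages: int = 1000) -> Iterator[str]:
    """Yield every token matching the search, following the next/start cursor."""
    if not (enduser or app):
        raise ValueError("search by end user ID, developer app ID, or both")
    params = {"limit": str(limit)}          # 'limit', 'enduser', 'app' are assumed names
    if enduser:
        params["enduser"] = enduser
    if app:
        params["app"] = app
    seen = set()
    for _ in range(max_pages):
        page = fetch(dict(params))
        yield from page.get("list", [])
        cursor = page.get("meta", {}).get("next")
        if not cursor:
            return                            # last page: no further cursor
        if cursor in seen:                    # a repeating cursor would loop forever
            raise RuntimeError("paging cursor repeated: %r" % cursor)
        seen.add(cursor)
        params["start"] = cursor              # the next page starts AT this token
    raise RuntimeError("gave up after %d pages" % max_pages)


def make_fake_search(tokens: List[str]) -> Fetch:
    """Constructed in-memory stand-in for the endpoint, so the loop runs offline."""
    def fetch(params: Dict[str, str]) -> dict:
        limit = int(params["limit"])
        first = tokens.index(params["start"]) if "start" in params else 0
        meta = {"limit": limit, "total": len(tokens)}
        if first + limit < len(tokens):
            meta["next"] = tokens[first + limit]
        return {"list": tokens[first:first + limit], "meta": meta}
    return fetch


if __name__ == "__main__":
    sample = ["tok%03d" % n for n in range(100)]   # constructed token IDs
    found = list(iter_tokens(make_fake_search(sample), enduser="user-1234"))
    print(len(found), "tokens; complete:", found == sample)
```

Stopping on a repeated cursor and capping the page count keeps a token audit from looping indefinitely if the endpoint ever returns a cursor that does not advance.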
AccessTokenAttributes
Method | Endpoint | Description |
---|---|---|
post | /organizations/{org_name}/oauth2/accesstokens/{access_token} | Enables you to perform one of the following tasks:
|
AccessTokenDetails
Method | Endpoint | Description |
---|---|---|
get | /organizations/{org_name}/oauth2/accesstokens/{access_token} | Gets details for an OAuth 2.0 access token. |
NameValue
Method | Endpoint | Description |
---|---|---|
post | /organizations/{org_name}/oauth2/accesstokens/{access_token} | Enables you to perform one of the following tasks:
|