Contents
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
1 Using OAuth With Services Gatekeeper
About Services Gatekeeper Support for OAuth Authentication Server
Using SAML Assertions to Access Resources
Understanding OAuth 2.0 Concepts
Understanding OAuth Terminology
About the OAuth/Services Gatekeeper Entities and Their Relationships
About the OAuth Protocol Endpoints
Understanding How Services Gatekeeper Works with OAuth
OAuth Component to Services Gatekeeper Component Mapping
Understanding the OAuth Endpoints
Authentication of Network Flows
Authenticating RESTful APIs Acting on Application-Initiated Traffic
Authenticating REST APIs Acting on Network-Initiated Traffic
Mapping a Resource to a Services Gatekeeper Method
Securing Resources with Multiple Owners
Support For SAML Assertions
Support for Anonymous Customer References
Accessing the OAuth Log Messages
Understanding OAuth Specification Compliance
Supported Communication Services
Supported OAuth Server Roles
Supported Authorization Grant Types
Extension Grant Flows Enabled Through Supported Grant Types
Supported Token Types
Supported Client Profiles
OAuth Flows Supported by Services Gatekeeper
Authorization Code Grant
Implicit Grant
Refresh Token Grant
Supported URIs (Subscribers)
2 Protecting Services Gatekeeper Resources with OAuth
Managing OAuth Resources
Understanding Resource Mapping
Understanding the Services Gatekeeper Resource Server
Understanding the Services Gatekeeper Authorization Server
Understanding the Services Gatekeeper Authentication Server
Provisioning Mapped Resources
Managing Clients
Mapping Resources to Resource Owners
Authenticating Subscribers
About the MBeans Used to Provide OAuth Functionality
Understanding OAuth EAR Files
EDRs and Alarms
Deploying and Configuring OAuth Functionality
Configuring OAuth
Creating Protected Resources
Protecting RESTful Communication Services
Protecting Subscription Resources
Configuring Authentication
Using the Default Subscriber Manager
Using Delegated Authentication
Configuring Resource Rules to Protect Resources
Creating Individual Resource Owners
Creating a Resource Rules File Using Regular Expressions
Uploading the Resource Rules to Services Gatekeeper
Configuring Clients to Protect Access to Resources
Configuring SAML (Optional)
Protecting Resources in a Custom Communication Service
Example: Protecting the OneAPI Payment Service with OAuth
Steps to Protecting the OneAPI Payment Service with OAuth
Adding a Client in Services Gatekeeper
Configuring the Authentication URL
Adding OneAPI Payment Communication Service as an OAuth Resource
Adding a New Subscriber
Assigning the Resource to the Subscriber to Act as Resource Owner
Understanding the OAuth Resource Format
Resource Representation Example
3 Monitoring OAuth Services in Services Gatekeeper
Understanding OAuth Runtime Actions
Issuing OAuth Tokens
Default Authentication and Authorization
Authorization for Group URIs
Understanding Token Validation
Managing Tokens
EDRs Generated by the OAuth Service
OAuth/Services Gatekeeper Errors and Exceptions
4 Developing Services Gatekeeper Services Using OAuth
Understanding How to Apply SAML Tokens
Understanding Token Request Messages
Understanding Token Response Messages
Understanding SAML Assertion Validation Messages
Understanding OAuth Customization
Implementing a Third-Party Authentication Service
Authentication Process Flow
Creating an OAuth Interceptor
Examples: Using a Custom OAuth Interceptor to Retrieve OAuth Information
Integrating a Third-Party Subscriber Repository
Creating an OAuth Extension Handler
Customizing OAuth Resource Grant Tests
OAuth Application Developer Guide
Interacting with the Services Gatekeeper OAuth Service
OAuth Access Flow In Services Gatekeeper