Contents

Title and Copyright Information

Preface

• Audience
• Documentation Accessibility
• Related Documents

1 Using OAuth With Services Gatekeeper

• About Services Gatekeeper Support for OAuth Authentication Server
• Understanding OAuth 2.0 Concepts
  • Understanding OAuth Terminology
  • About the OAuth/Services Gatekeeper Entities and Their Relationships
  • About the OAuth Protocol Endpoints
• Understanding How Services Gatekeeper Works with OAuth
  • OAuth Component to Services Gatekeeper Component Mapping
  • Understanding the OAuth Endpoints
  • Mapping a Resource to a Services Gatekeeper Method
  • Securing Resources with Multiple Owners
• Compliance
  • Supported Communication Services
  • Supported OAuth Server Roles
  • Supported Authorization Grant Types
  • Extension Grant Flows Enabled Through Supported Grant Types
  • Supported Token Types
  • Supported Client Profiles
  • OAuth Flows Supported by Services Gatekeeper
    • Authorization Code Grant
    • Implicit Grant
    • Refresh Token Grant
  • Supported URIs (Subscribers)

2 Protecting Services Gatekeeper Resources with OAuth

• Resource Management
  • Resource Mapping
    • Services Gatekeeper Resource Server
    • Services Gatekeeper Authorization Server
    • Services Gatekeeper Authentication Server
  • Provisioning Mapped Resources
  • Client Management
  • Resource Owner - Resource Mapping
  • Default Subscriber Manager
• About Administering OAuth Functionality
  • OAuth EAR Files
  • EDRs and Alarms
• Deploying and Configuring OAuth Functionality
  • OAuth Configuration
    • Using the OAuthCommonMBean
  • Creating Protected Resources
    • Using the OAuthResourceMBean
  • Creating Protected Subscription Resources
  • Configuring Authentication
    • Using the Default Subscriber Manager
    • Using the SubscriberMBean
    • Using Delegated Authentication
  • Creating the Resource Owner/Resource Mapping
    • Creating Resource Owner/Resource Mappings Using Regular Expressions
    • Creating Individual Resource Owner/Resource Mappings
  • Configuring Clients
    • Using the OAuthClientMbean
  • Protecting Resources in a New Communication Service
  • Example: Protecting the OneAPI Payment Service with OAuth
    • Steps to Protecting the OneAPI Payment Service with OAuth
    • Adding a Client in Services Gatekeeper
    • Configuring the Authentication URL
    • Adding One API Payment Communication Service as an OAuth resource
    • Adding a New Subscriber
    • Assigning the Resource to the Subscriber to Act as Resource owner
• Understanding the OAuth Resource Format
• Resource Representation Example

3 Monitoring OAuth Services in Service Gatekeeper

• OAuth Runtime
  • Issuing OAuth Tokens
    • Default Authentication and Authorization
    • Authorization for Group URIs
  • Understanding Token Validation
• Token Management
  • Using the TokenMangementMBean
    • Operation: listAccessTokensByEndUser
    • Operation: listRefreshTokensByEndUser
    • Operation: listAccessTokensByClientIdAndEndUser
    • Operation: listRefreshTokensByClientIdAndEndUser
    • Operation: listAccessTokensByClientId
    • Operation: listRefreshTokensByClientId
    • Operation: countAccessTokensByClientId
    • Operation: countRefreshTokensByClientId
    • Operation: revokeAccessToken
    • Operation: revokeRefreshToken
• EDRs Generated by the OAuth Service
• OAuth/Services Gatekeeper Errors and Exceptions

4 Developing Services Gatekeeper Services Using OAuth

• Customization
  • Implementing a Third-Party Authentication Service
    • Authentication Process Flow
  • Creating an OAuth Interceptor
    • Examples: Using a Custom OAuth Interceptor to Retrieve OAuth Information
  • Integrating a Third-Party Subscriber Repository
  • Creating an OAuth2.0 Extension Handler
  • Customizing OAuth Resource Grant Tests
• Application Developer Guide
  • Interacting with the Services Gatekeeper OAuth Service
  • OAuth Access Flow In Services Gatekeeper