You can use the Authorize Client with Server filter to request a token.
Depending on the grant type, this filter either makes a direct request to the OAuth provider for a token (two-legged flow), or redirects the user to the provider's authorization server to authorize the client application (three-legged flow).
The two-legged flow covers every grant type except the authorization code flow. If the request succeeds, a token is placed on the message board and stored in the configured provider's token store. The filter passes, and the token can be used to make resource requests with the Connect to URL filter.
In the three-legged flow (authorization code flow), the filter redirects the user, and the authorization completes when the user is directed back to the client application redirect URL that was registered with the OAuth provider. For more information, see the section called “Creating a callback URL listener”.
If a token is already stored for the user and client application, this filter sets the token on the message board and passes. If the token has expired but has a refresh token, this filter attempts to refresh the token instead of requesting a new token or redirecting the user.
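The decision described above, modelled as an added illustration (it is not the product's code or the filter's implementation). The function name, the stored-token record layout, the example URLs and the fall-through for an expired token with no refresh token are assumptions; the request parameters follow RFC 6749.

```python
import secrets
import time
from urllib.parse import urlencode

# Constructed sample values (assumptions, not taken from the product).
AUTHZ_ENDPOINT = "https://provider.example/authorize"
REDIRECT_URI = "https://client.example/oauth/callback"


def next_step(grant_type, client_id, stored=None, now=None, state=None):
    """Model the filter's choice; returns (action, detail).

    stored: None, or a dict with 'access_token', 'expires_at' (epoch
    seconds) and optionally 'refresh_token' (hypothetical record layout).
    """
    now = time.time() if now is None else now
    if stored is not None:
        if stored["expires_at"] > now:
            # Valid stored token: set it on the message board and pass.
            return "use_stored", stored["access_token"]
        if stored.get("refresh_token"):
            # Expired but refreshable: RFC 6749 section 6 request body.
            return "refresh", {"grant_type": "refresh_token",
                               "refresh_token": stored["refresh_token"]}
        # Assumption: expired with no refresh token falls through to a
        # fresh authorization, like having no stored token at all.
    if grant_type == "authorization_code":
        # Three-legged: send the user to the authorization endpoint. The
        # state value ties the later callback to this request
        # (RFC 6749 section 10.12).
        state = state or secrets.token_urlsafe(16)
        query = urlencode({"response_type": "code", "client_id": client_id,
                           "redirect_uri": REDIRECT_URI, "state": state})
        return "redirect", f"{AUTHZ_ENDPOINT}?{query}"
    # Two-legged: direct token request to the provider's token endpoint.
    return "token_request", {"grant_type": grant_type}


if __name__ == "__main__":
    expired = {"access_token": "at-old", "expires_at": 100,
               "refresh_token": "rt-1"}
    print(next_step("authorization_code", "app-1", expired, now=200))
    print(next_step("authorization_code", "app-1", state="s1"))
    print(next_step("client_credentials", "app-1"))
```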
Configure the following general settings for the Authorize Client with Server filter:
Name:
Enter a suitable name for this filter.
Optionally use an explicit profile:
Select this option and click the browse button to explicitly select an OAuth2 client credential profile. This can be used if no preceding filter has set the application profile on the message board, or to override the existing application profile.
You can configure SSL settings, such as trusted certificates, client certificates, and ciphers on the SSL tab. For details on the fields on this tab, see the Connect to URL filter in the API Gateway User Guide.
The Settings tab allows you to configure the following additional settings:
- Retry
- Failure
- Proxy
- Redirect
- Headers
By default, these sections are collapsed. Click a section to expand it.
For details on the fields on this tab, see the Connect to URL filter in the API Gateway User Guide.