OAuth 2.0 client credential profiles enable you to globally configure authentication settings for OAuth 2.0 as a client. An OAuth 2.0 credential profile is the combination of OAuth service provider details and a specific OAuth client application. An OAuth service provider defines the authorization and token endpoints. API Gateway includes the following preconfigured OAuth providers:
Client applications must be registered with the service provider to obtain a client ID and secret as well as to register additional details like the OAuth flow type and redirect URL (where required).
The API Gateway provider represents OAuth services running on an API Gateway. For more information on setting up the OAuth server on API Gateway, see Set up API Gateway as an OAuth 2.0 server. The API Gateway provider uses the existing OAuth server samples for authorization and token endpoints (for example, https://127.0.0.1:8089/api/oauth/authorize
and https://127.0.0.1:8089/api/oauth/token). The Google and SalesForce provider settings ship with the current public endpoints.
You can access the preconfigured OAuth providers and add client application credentials under the External Connections node in the Policy Studio tree. You can also add new OAuth providers. See Add OAuth provider for more information.