This policy is used to secure an API resource with OAuth. When added to a resource, this policy checks incoming requests for access token in the configured location.
Configuration
The properties that have to be configured to use the policy are described below.
Figure 1: OAuth Verify Token Policy Configuration attributes
Properties represent methods through which access tokens are sent.
Property | Description |
---|---|
Body | Encoded Body Parameter The access token is added to the request body using the "access_token" parameter. |
Header | Authorization Request Header Field Bearer access token is sent using "Authorization" request header field with the "Bearer" HTTP authorization scheme. |
Query | URI Query Parameter The access token is added to the request URI query component using the "access_token" parameter. |