This policy is used to secure an API resource with OAuth. When added to a resource, this policy checks incoming requests for Access Tokens in the configured location.
Configuration
The properties that have to be configured to use the policy are described below.
Figure 1: OAuth Verify Token Policy Configuration attributes
Properties represent methods through which Access Tokens are sent.
Property | Description |
Body | Encoded Body Parameter The Access Token is added to the request body using the "access_token" parameter. |
Header | Authorization Request Header Field Bearer Access Token is sent using "Authorization" request header field with the "Bearer" HTTP authorization scheme. |
Query | URI Query Parameter The Access Token is added to the request URI query component using the "access_token" parameter. |
Scope | Scopes assigned to the API project.
|