OAuth 2.0 authentication for the API Microgateway Service
You can enable OAuth 2.0 authentication for the API Microgateway Service to use with managed APIs that invoke an Application Integration process that uses basic authentication.
Use an application or service that supports token authentication, such as Postman, to configure an OAuth 2.0 client and to enable OAuth 2.0 authentication for the API Microgateway Service.
You can use basic authentication or a bearer token to configure OAuth 2.0 authentication for the API Microgateway Service. If you use basic authentication, enter an Informatica Intelligent Cloud Services user name and password in the authorization header. If you use a bearer token, enter the access token of the managed API in the authorization header. For more information, see Authentication and authorization.
Client tokens that you use for OAuth 2.0 authentication for the API Microgateway Service time out after a defined timeout period. After a token times out, you can't use it. You must regenerate the token.
The default timeout is 60 minutes. You can set a different timeout when you create the OAuth 2.0 client or change it later.
Use APIs to perform the following tasks for the API Microgateway Service:
• List all OAuth 2.0 clients.
• View, delete, download, or edit an OAuth 2.0 client using the client ID.
• Regenerate an OAuth 2.0 client secret.
• Disable or enable an OAuth 2.0 client.
• Download a list of deleted OAuth 2.0 clients.
• Get the access token for an OAuth 2.0 client.
Create an OAuth 2.0 client for the API Microgateway Service
Using an application or service that supports token authentication, create an OAuth 2.0 client that enables managed API consumers to invoke managed APIs for the API Microgateway Service where OAuth 2.0 authentication is enabled.
1 Open the following URL template:
https://{<host_URL>}/apimgmt/v0.4/oauth/client
where <host_URL> is the API Manager POD URL.
For example, apim-pod2.dm-us.informaticacloud.com for US East POD.
2 Edit the values of the request body to enable the OAuth 2.0 client for API Microgateway.
a In the "name" field, enter a name for the OAuth 2.0 client. The name is case sensitive and must be unique in the organization.
The name can contain up to 32 characters, including any letter on the ASCII table, non-Latin characters, any digit, spaces, and the special characters . _ and -. The name cannot contain any of the following characters: / " ' < > & : ~ ! @ # ; % ^ * + = { } | , \
b Optionally, in the "description" field, enter a description of the OAuth 2.0 client.
The description can contain up to 1,024 characters, including any letter on the ASCII table, non-Latin characters, any digit, spaces, and the special characters . _ and -.
c Optionally, in the "accessTokenTimeout" field, enter a timeout value in minutes for the access token.
You can enter a value from 5 through 1440. If you don't enter a timeout value, the token timeout is 60 minutes.
3 Invoke a POST call.
The OAuth 2.0 client is enabled for all the API Microgateway Service managed APIs in the organization that invoke an Application Integration process that uses basic authentication. You can view the enabled OAuth 2.0 client on the OAuth 2.0 Clients table on the Authorization tab of the Policies page in API Manager.
4 On the Authorization tab, click Copy URL and send the access token to API Microgateway consumers.
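The following Python sketch is an added example, not Informatica code. It checks the "name", "description", and "accessTokenTimeout" values against the limits in step 2 and builds the URL, basic authentication header, and JSON body for the POST call without sending anything. The function names, the Content-Type header, the non-empty name requirement, and the acceptance of combining marks as part of non-Latin text are assumptions.

```python
import base64
import json
import unicodedata

# Characters the page lists as not allowed in a client name.
FORBIDDEN_IN_NAME = set('/"\'<>&:~!@#;%^*+={}|,\\')


def text_errors(field, value, max_len, forbidden=frozenset()):
    """Check one text field against the documented length and character rules."""
    errors = []
    if len(value) > max_len:
        errors.append(f"{field}: longer than {max_len} characters")
    for ch in sorted(set(value)):
        # Letters (L), combining marks (M, needed by some non-Latin scripts) and
        # decimal digits (Nd), plus space . _ - are accepted. Counting marks as
        # "non-Latin characters" is this example's interpretation.
        cat = unicodedata.category(ch)
        if ch in forbidden or not (cat[0] in "LM" or cat == "Nd" or ch in " ._-"):
            errors.append(f"{field}: character {ch!r} is not allowed")
    return errors


def build_create_client_request(host, user, password, name,
                                description=None, access_token_timeout=None):
    """Return (url, headers, body) for the POST call, or raise ValueError."""
    errors = text_errors("name", name, 32, FORBIDDEN_IN_NAME)
    if not name.strip():
        errors.append("name: must not be empty")  # assumption: name is required
    body = {"name": name}
    if description is not None:
        errors += text_errors("description", description, 1024)
        body["description"] = description
    if access_token_timeout is not None:
        # bool is an int subclass in Python, so reject it explicitly.
        if (isinstance(access_token_timeout, bool)
                or not isinstance(access_token_timeout, int)
                or not 5 <= access_token_timeout <= 1440):
            errors.append("accessTokenTimeout: must be 5 through 1440 minutes")
        body["accessTokenTimeout"] = access_token_timeout
    if errors:
        raise ValueError("; ".join(errors))
    basic = base64.b64encode(f"{user}:{password}".encode("utf-8")).decode("ascii")
    headers = {"Authorization": f"Basic {basic}",
               "Content-Type": "application/json"}  # assumed content type
    return f"https://{host}/apimgmt/v0.4/oauth/client", headers, json.dumps(body)
```

When the timeout is omitted, the field is left out of the body so that the documented 60-minute default applies.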
Manage OAuth 2.0 clients for the API Microgateway Service
Use APIs to manage OAuth 2.0 clients for the API Microgateway Service. Perform the following tasks to view, delete, and edit OAuth 2.0 clients, and to download a list of deleted clients:
View all OAuth 2.0 clients
Use the following URL to request a list of all the OAuth 2.0 clients for API Microgateway:
https://{<host_URL>}/apimgmt/v0.4/oauth/client/
Invoke a GET call to receive a list of all the OAuth 2.0 clients.
Download a list of deleted OAuth 2.0 clients
Use the following URL to download a list of the deleted OAuth 2.0 clients for API Microgateway:
Invoke a GET call to view the OAuth 2.0 client details.
Invoke a DEL call to delete the OAuth 2.0 client.
Invoke a PATCH call to edit the OAuth 2.0 client details. Edit the values of the request body to update the OAuth 2.0 client.
Regenerate an OAuth 2.0 client secret for the API Microgateway Service
You can regenerate an OAuth 2.0 client secret for the API Microgateway Service if needed. When you regenerate the client secret, API Manager disables the current client secret.
2 Paste the client ID of the OAuth 2.0 client into the URL template.
3 Invoke a GET call.
API Manager regenerates the client secret and authorization header value.
4 In the response body, copy the new client secret and send it to API Microgateway consumers.
Disable and enable OAuth 2.0 clients for the API Microgateway Service
When you create an OAuth 2.0 client for the API Microgateway Service, it is enabled by default. You can disable a client and enable a disabled client. API consumers can't use disabled OAuth 2.0 clients for authentication.