Register an authorization server

If you are assigned the Deployer or Admin role, you can add your client's authorization server, generate the user-specific OAuth 2.0 client token, and use the token to grant users permissions for accessing a managed API or managed API groups.
Complete the following steps to register the authorization server of the third-party identity service for authentication.
    1. On the Third-Party Authentication tab of the Configuration page, click Register Authorization Server.
    The Register Authorization Server dialog box appears.
    2. Enter the following details:

    | Field | Description |
    |---|---|
    | Issuer | The unique identifier or absolute URL of your organization's identity provider. Must use the same HTTPS scheme as the key URL and be a subset of the key URL. Maximum length is 255 characters. |
    | JWKS URI | The URL where your identity provider publishes its public keys. This URL is crucial for verifying security during authentication. |
    | IDP Attribute Name | A specific data field (claim) from the security token provided by your identity provider that API Center uses to identify the IDMC user. The default value is sub. Sub is short for subject. |
    | IDMC Attribute Name | The IDMC attribute name used to identify the IDMC user. Allowed values are Alias Name and User ID. |
    | Verify JWKS URI | The URL must use the same HTTPS scheme as the issuer URL. Default is enabled. For an identity provider where the URL and HTTPS scheme are different from the issuer URL, disable this option. |

    3. Click Add.
    The added authorization server appears on the Third-Party Authentication tab.
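
Before entering the values in step 2, you can check them against the field rules in the table. The following pre-flight check is an added example, not Informatica code. The function names and sample values are constructed, and it assumes that "subset of the key URL" means the JWKS URI starts with the issuer string.

```python
import base64
import json
from urllib.parse import urlsplit

def check_registration(issuer, jwks_uri, verify_jwks_uri=True):
    """Return a list of problems with the values, following the field rules."""
    problems = []
    if len(issuer) > 255:
        problems.append("issuer longer than 255 characters")
    jwks = urlsplit(jwks_uri)
    # Added check, not a stated product rule: keys fetched over plain HTTP
    # can be replaced in transit, so insist on HTTPS for the JWKS URI.
    if jwks.scheme != "https":
        problems.append("JWKS URI is not HTTPS")
    if verify_jwks_uri:  # mirrors the "Verify JWKS URI" option (default enabled)
        if urlsplit(issuer).scheme != jwks.scheme:
            problems.append("issuer and JWKS URI schemes differ")
        # Assumption: "subset" is read as "the issuer is a prefix of the JWKS URI".
        if not jwks_uri.startswith(issuer.rstrip("/") + "/"):
            problems.append("issuer is not a prefix of the JWKS URI")
    return problems

def claim_from_token(token, idp_attribute="sub"):
    """Read one claim from a JWT payload WITHOUT verifying the signature.
    For inspection only: confirms the IDP Attribute Name exists in the token."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64 padding
    return json.loads(base64.urlsafe_b64decode(payload)).get(idp_attribute)

def _b64(obj):
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()

# Constructed sample values, not taken from any real identity provider.
ISSUER = "https://idp.example.com/oauth2/default"
JWKS_URI = "https://idp.example.com/oauth2/default/v1/keys"
SAMPLE_TOKEN = ".".join(
    [_b64({"alg": "RS256"}), _b64({"iss": ISSUER, "sub": "jdoe"}), "signature"]
)

if __name__ == "__main__":
    print(check_registration(ISSUER, JWKS_URI))
    print(check_registration(ISSUER, "https://keys.example.net/jwks.json"))
    print(claim_from_token(SAMPLE_TOKEN, "sub"))
```

If the claim lookup returns `None`, the token does not carry the attribute you plan to enter as the IDP Attribute Name.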