API Gateway 7.5.3 OAuth User Guide Set up API Gateway as an OAuth 2.0 server Note If you have installed API Manager, the OAuth server capabilities are already installed. You can skip this section. To set up API Gateway as an OAuth authorization server and OAuth resource server, you must run the provided deployOAuthConfig.py script. For more information, see Deploy the OAuth service. The API Gateway provides the following endpoints used to manage OAuth 2.0 client applications: Description URL Authorization Endpoint (REST API) https://HOST:8089/api/oauth/authorize Token Endpoint (REST API) https://HOST:8089/api/oauth/token Token Info Endpoint (REST API) https://HOST:8089/api/oauth/tokeninfo Revoke Endpoint (REST API) https://HOST:8089/api/oauth/revoke Client Application Registry (HTML Interface) https://HOST:8089 Client Application Registry (REST API) https://HOST:8089/api/kps/ClientApplicationRegistry In this table, HOST refers to the machine on which API Gateway is installed. Note To enable these endpoints, you must first enable the OAuth listener port in the API Gateway. For more details, see Enable OAuth endpoints. Enable OAuth endpoints To enable the OAuth management endpoints on your API Gateway, perform the following steps: In the Policy Studio tree, select Environment Configuration > Listeners > API Gateway > OAuth 2.0 Services > Ports. Right-click the OAuth 2.0 Interface in the panel on the right, and select Edit. Select Enable Interface in the dialog. Click the Deploy button in the toolbar. Enter a description and click Finish. Note On Linux-based systems, such as Oracle Enterprise Linux, you must open the firewall to allow external access to port 8089. If you need to change the port number, set the value of the env.PORT.OAUTH2.SERVICES environment variable. For details on setting external environment variables for API Gateway instances, see the API Gateway DevOps Deployment Guide. Related topics Introduction to API Gateway OAuth 2.0 server API Gateway OAuth 2.0 authentication flows API Gateway as an OAuth 2.0 authorization server API Gateway as an OAuth 2.0 resource server Related Links
Set up API Gateway as an OAuth 2.0 server Note If you have installed API Manager, the OAuth server capabilities are already installed. You can skip this section. To set up API Gateway as an OAuth authorization server and OAuth resource server, you must run the provided deployOAuthConfig.py script. For more information, see Deploy the OAuth service. The API Gateway provides the following endpoints used to manage OAuth 2.0 client applications: Description URL Authorization Endpoint (REST API) https://HOST:8089/api/oauth/authorize Token Endpoint (REST API) https://HOST:8089/api/oauth/token Token Info Endpoint (REST API) https://HOST:8089/api/oauth/tokeninfo Revoke Endpoint (REST API) https://HOST:8089/api/oauth/revoke Client Application Registry (HTML Interface) https://HOST:8089 Client Application Registry (REST API) https://HOST:8089/api/kps/ClientApplicationRegistry In this table, HOST refers to the machine on which API Gateway is installed. Note To enable these endpoints, you must first enable the OAuth listener port in the API Gateway. For more details, see Enable OAuth endpoints. Enable OAuth endpoints To enable the OAuth management endpoints on your API Gateway, perform the following steps: In the Policy Studio tree, select Environment Configuration > Listeners > API Gateway > OAuth 2.0 Services > Ports. Right-click the OAuth 2.0 Interface in the panel on the right, and select Edit. Select Enable Interface in the dialog. Click the Deploy button in the toolbar. Enter a description and click Finish. Note On Linux-based systems, such as Oracle Enterprise Linux, you must open the firewall to allow external access to port 8089. If you need to change the port number, set the value of the env.PORT.OAUTH2.SERVICES environment variable. For details on setting external environment variables for API Gateway instances, see the API Gateway DevOps Deployment Guide. Related topics Introduction to API Gateway OAuth 2.0 server API Gateway OAuth 2.0 authentication flows API Gateway as an OAuth 2.0 authorization server API Gateway as an OAuth 2.0 resource server