Set Bearer token in authorization header

You can configure an OAuth credential profile to set a Bearer token in the authorization header on API Gateway when calling a resource server. This example uses a call policy with a Connect to URL filter to call the resource server.

  1. In the Policy Studio tree, click External Connections > Client Credentials > OAuth2.
  2. On the OAuth Credentials tab, double-click the credential profile to edit. To create a new credentials profile, see Add application credentials.
  3. If you do not already have a token to access the API, add a Get OAuth Access Token filter to get a token, see Get OAuth client access token.
  1. Call the resource server:
    • Select the filter Connect to URL.
    • Select the Authentication tab.
    • Select a credential profile.
  1. Select the client credential. This links back to the access token store which holds the access token you received from the OAuth2 server.
  2. Invoke this filter to call the resource server. The Bearer token in the authorization header is set.

Related Links