API Management versions 7.5.X and 7.6.X have reached end of support in November 2020.
Check out the latest version of the documentation.

About this guide

This guide describes how to use the OAuth 2.0 and OpenID Connect features of API Gateway. It describes how to configure API Gateway as an OAuth server and as an OAuth client. It also describes the OpenID Connect support provided by API Gateway.

Who should read this guide

The intended audience for this guide is policy developers and system integrators who are responsible for configuring OAuth and OpenID Connect flows.

Before configuring OAuth or OpenID Connect flows in API Gateway you should understand exactly what message filters are, and how they are chained together to create a message policy. These concepts are documented in detail in the API Gateway Policy Developer Guide. You should also have an understanding of API Gateway concepts and features. For more information, see the API Gateway Concepts Guide.

How to use this guide

This guide should be used in conjunction with the other guides in the API Gateway documentation set.

Before you begin using the OAuth features of API Gateway, review this guide thoroughly. The following is a brief description of the contents of each section:

Related topics

Related documentation

Related Links