About this guide

This guide describes how to use the OAuth 2.0 and OpenID Connect features of API Gateway. It describes how to configure API Gateway as an OAuth server and as an OAuth client. It also describes the OpenID Connect support provided by API Gateway.

Who should read this guide

The intended audience for this guide is policy developers and system integrators who are responsible for configuring OAuth and OpenID Connect flows.

Before configuring OAuth or OpenID Connect flows in API Gateway you should understand exactly what message filters are, and how they are chained together to create a message policy. These concepts are documented in detail in the API Gateway Policy Developer Guide. You should also have an understanding of API Gateway concepts and features. For more information, see the API Gateway Concepts Guide.

How to use this guide

This guide should be used in conjunction with the other guides in the API Gateway documentation set.

Before you begin using the OAuth features of API Gateway, review this guide thoroughly. The following is a brief description of the contents of each section:

OAuth and OpenID Connect concepts – Describes OAuth 2.0 and OpenID Connect concepts.

Introduction to API Gateway OAuth 2.0 server – Describes the features of API Gateway as an OAuth server.

API Gateway OAuth 2.0 authentication flows – Describes the OAuth flows supported by API Gateway.

Set up API Gateway as an OAuth 2.0 server – Describes how to set up API Gateway as an OAuth server.

API Gateway as an OAuth 2.0 authorization server – Describes the OAuth authorization server features of API Gateway.

OAuth 2.0 authorization server filters – Describes how to configure the OAuth authorization server filters.

API Gateway as an OAuth 2.0 resource server – Describes the OAuth resource server features of API Gateway.

OAuth 2.0 resource server filters – Describes how to configure the OAuth resource server filters.

API Manager as an OAuth 2.0 resource server – Describes how to use API Manager as an OAuth resource server.

API Gateway as an OAuth 2.0 client – Describes the OAuth client features of API Gateway.

OAuth 2.0 client filters – Describes how to configure the OAuth client filters.

API Gateway and OpenID Connect – Describes how to use the OpenID Connect features of API Gateway.

OpenID Connect filters – Describes how to configure the OpenID Connect filters.

API Gateway OAuth client demo – Describes the OAuth client demo.

Deploy OAuth configuration – Describes how to deploy OAuth configuration in API Gateway.

OAuth 2.0 message attributes – Describes the message attributes used in the OAuth filters.

Related topics

Related documentation

Related Links