OAuth Token Generation in Datapower

Here in this blog, we will learn about OAuth token generation in Datapower.

About:

• OAuth, an industry-standard protocol for authorization, is widely used to grant limited access to user resources without exposing credentials. IBM DataPower Gateway, known for its robust security capabilities, can be configured to act as an OAuth authorization.
• Through this Blog, we will get to know how to generate an OAuth in the IBM DataPower gateway.
• API service requires that requests include an access token that links to authorization data such as an associated end user, the scope of access, or a time limit. Before an application can access a service—either on its own behalf or on behalf of a user—it must first acquire an access token from the API service’s authorization server.
• An access token is obtained using a flow specific to the grant type here we are generating the grant type as client credentials

Procedure:

• Login to the DataPower and select the application domain in which you want to configure the Oauth.
• In the search bar search for the Oauth Client profile and client on Add to configure it.

• Give the name select the grant type and Authorization method and client secret and scope and upload a shared key to generate an OAuth token.

• After that search for the Oauth Client group and Click on Add to configure it.

• Give the name and select the drop-down of the client select the OAuth client profile that we have configured.

• Now search for the AAA policy and Click on Add and give the Name.

• Click on the identify Extraction click on OAuth and http Authentication header and select the client profile of the registered OAuth clients.

• Click on Authentication and select the method “use AAA information file in that file add the client ID and client secret that you have given in the client profile and upload the file.

• Now Click on the resource extraction select the processing metadata and select the oauth scope metadata which is in the dropdown of processing metadata items.

• Now search for web service token in the search bar and click on add wizard.

• Select the type give the name and click on next.

• Give the port and configure the TLS server profile select it click on the add in action column and click on next.

• Click on the next to complete the configuration.

• Click on commit configuration now web token service is configured.

Generating the Oauth 2.0 Token:

• Open the Postman application click on Authorization select the grant type give the datapower IP/Domain and its port in the token URL and give the client ID, client secret, and scope. Now click on the get new access token.

• We can see the token is generated now we can use the token.