OAuth
When a request is received from the user, the gateway redirects the user to the OAuth authorization server to log in and grant access to the protected facade operation.
After the user logs in successfully and grants access to the facade operation, the OAuth authorization server sends the authorization code back to the policy callback endpoint. The gateway then exchanges the authorization code for an access token from the authorization server. Because the protected facade operation does not access the user's resources, the access token is only used for authentication purposes.
AuthenticationbyOAuth Policy
<?xml version="1.0" encoding="UTF-8"?>
<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
  <ns:AuthenticationByJaas xmlns:ns="http://xsd.tns.tibco.com/governance/policy/action/2009">
    <ns:OAuthToken>
      <ns:Provider>TIBCO</ns:Provider>
      <ns:ClientID>security</ns:ClientID>
      <ns:ClientSecret>ef6e7dca3d52973f73ec3dd0da7087d400f5a05a</ns:ClientSecret>
      <ns:CallbackURI>http://localhost:9322/asg/oauth2/client/callback</ns:CallbackURI>
    </ns:OAuthToken>
  </ns:AuthenticationByJaas>
</wsp:Policy>
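The following Python check is an added example, not part of the product documentation or the product's own code. It parses a policy of the shape shown above and returns review findings. The rules it applies (https required for a non-loopback callback host, a literal client secret flagged for handling) and the sample host gateway.example.test are assumptions of this example.

```python
import ipaddress
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Namespaces as they appear in the policy on this page.
NS = {
    "wsp": "http://schemas.xmlsoap.org/ws/2004/09/policy",
    "ns": "http://xsd.tns.tibco.com/governance/policy/action/2009",
}
FIELDS = ("Provider", "ClientID", "ClientSecret", "CallbackURI")

# Constructed sample modelled on the page's policy; host and secret are placeholders.
SAMPLE_POLICY = """<?xml version="1.0" encoding="UTF-8"?>
<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
  <ns:AuthenticationByJaas xmlns:ns="http://xsd.tns.tibco.com/governance/policy/action/2009">
    <ns:OAuthToken>
      <ns:Provider>TIBCO</ns:Provider>
      <ns:ClientID>security</ns:ClientID>
      <ns:ClientSecret>PLACEHOLDER-SECRET</ns:ClientSecret>
      <ns:CallbackURI>http://gateway.example.test:9322/asg/oauth2/client/callback</ns:CallbackURI>
    </ns:OAuthToken>
  </ns:AuthenticationByJaas>
</wsp:Policy>"""


def is_loopback(host):
    """True for 'localhost' or a loopback IP literal such as 127.0.0.1 or ::1."""
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False


def review_policy(xml_text):
    """Return (fields, findings) for one OAuth authentication policy document."""
    root = ET.fromstring(xml_text.encode("utf-8"))  # operator-authored files only
    token = root.find("ns:AuthenticationByJaas/ns:OAuthToken", NS)
    if token is None:
        return {}, ["no OAuthToken element found"]
    fields = {f: token.findtext(f"ns:{f}", default="", namespaces=NS).strip() for f in FIELDS}
    findings = [f"{name} is missing or empty" for name, value in fields.items() if not value]
    uri = urlsplit(fields["CallbackURI"])
    if fields["CallbackURI"] and uri.scheme != "https" and not is_loopback(uri.hostname or ""):
        findings.append("CallbackURI is not https: the authorization code is sent to it in clear text")
    if fields["ClientSecret"]:
        findings.append("ClientSecret is a literal in the policy: restrict access to the file")
    return fields, findings
```

Calling review_policy(SAMPLE_POLICY) returns the four extracted fields and two findings: one for the plain-http callback on a non-loopback host and one for the literal client secret.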
Copyright © Cloud Software Group, Inc. All Rights Reserved.