
OAuth with DataPower

Jun 09, 2021
This video is based on a tutorial on the developerWorks website, so feel free to ask us for more details or if you are stuck somewhere. Here we need the shared secret file, a simple file of information, and a self-signed public and private key pair. You can download them from the IBM website or create them manually. On the website, the cert may have expired, so be careful. Now, let's start creating an OAuth client profile and name it password credential. Let's start first with the resource owner password credential type; let's check this. Instead of generating a random secret, we can understand a simple password, and the scope we are going to use is to get an account. We need a shared secret key, the shared secret of the case.
This is about creating an authentication client profile. We will create a client group with an added client group. Okay, now we can move on to creating an AAA policy; name this password credential. For identity extraction, we'll provide the username and password in the header. To implement working password credential authentication for this video, we will use an information file. Okay, so this was the extraction. We have to specify what metadata for authorization; again we will use the playback information file. That is all. Now we want to create a web token service. I'm going to use the wizard because it will automatically generate the document processing policy.


Open the service. Add, with the wizard, password credential. Next, it will allow you to choose the port and create a TLS profile. For me this takes a little bit of time to grab this key. I selected the private key and attached the cert. Okay, let's check if it's active. Yeah, okay, add this one, so it's at 5010. Next, for the playback policy, select the one we just created. So a web token service has been created that runs on port 5010. We can quickly test this and try to generate an access token. HTTPS, server authentication. This is the name of the client.
Both customer profiles. This is the password I have. Run selected type, this password, username, password; this matches, you know, the default AAA info file. The scope we are using in the git client. It is taking a while for some reason. Okay, we got the access token; this means WTS is working fine. Now we will create a simple XML firewall and use this same AAA policy and, you know, use this access token and see how it authorizes the call. Okay, come back here; it's not XML and this looks back; create a new policy.
I'm going to use this XML firewall for various types of grants, so let's create this possible. I just created a simple, basic GatewayScript file that will basically generate success. Okay, before we attach AAA here, let's try this on this port. Back here, well, this is still HTTP; yes, this is the Marquis wireless server profile software. Now the configuration is complete. If I try now, I can't verify what information. Now we use the access token that was generated earlier, or we are going to regenerate it. This is the access token; take it from here to here. Yeah, so it didn't work here; it didn't work because we didn't give the bearer token. Now we gave the bearer token and it's working. This demo is the implementation of OAuth 2.0 using a resource owner password credential grant type.
Next we'll look at the client credential grant type, which is very similar with some tweaks. So we'll create a new client profile here. Use client credentials; this is the client credential type. The rest will remain the same, so it will use password. Yes, let's see, confidential, and create a policy. My computer is a little slow. The credential identity extraction is OAuth, the Trend credential, for authentication. We're going to pass it to the authorization step, so pass the identity token to the authorization phase. Resource extraction is again what metadata authorization is. We're going to use an info file, so I'm going to quickly show you what's in the info file.
You may have noticed that I used this username and password for the password credential grant type, so this is the author. This is being used for authorization now for the client credentials, so we are not using any authentication steps; we are just passing the token to the authorization step, where we are using, uh, input type; this should be the name of this. Ah, sorry, I had to go. Okay, so authorize: use an information file. Authenticate: we are passing. Identity extraction: okay. This piece is ready. Now we will generate a token service, and in this video we will use the same profile, client credential, so we can test it quickly.
I want to do it, so if everything was fine, we should get an access token. Yeah, that's good. It's a tangential type one; take this one. I'm going to use the same XML firewall with this natural one that I have. I haven't created the match tool, so I created this mesh here so that the web token service works fine. So now we can get an access token using client credential. To go back to the XML firewall, I am going to add a new rule for client credential. Add a new one and create; I am going to use the same GatewayScript. Yes, let's try this one.
Excellent, my workflow credential. So now we have looked at two types of grants: resource owner password credential and client credential. That's it, and if you have any questions, feel free to comment here. Also check out the developerWorks tutorials. They are very, very useful. I hope this is useful to you, and in the next video I'll cover the remaining types of grants. Thanks, happy learning.
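
Added example, not part of the video transcript and not IBM's code: the two token requests the video exercises (resource owner password credential and client credential grants), built in the RFC 6749 layout, plus the bearer-header check that explains why the call made without the token was rejected. The client id, secret, user, scope and token values are constructed, and the request layout is the RFC's, which the page does not show for DataPower.

```python
import base64
from urllib.parse import urlencode

GRANTS = ("password", "client_credentials")  # the two grant types shown in the video


def token_request(grant_type, client_id, client_secret, scope,
                  username=None, password=None):
    """Build headers and form body for an RFC 6749 token request (nothing is sent)."""
    if grant_type not in GRANTS:
        raise ValueError(f"unsupported grant type: {grant_type}")
    form = {"grant_type": grant_type, "scope": scope}
    if grant_type == "password":
        # RFC 6749 section 4.3: the resource owner's credentials go in the form body.
        if not username or not password:
            raise ValueError("password grant needs username and password")
        form["username"], form["password"] = username, password
    elif username or password:
        # RFC 6749 section 4.4: only the client authenticates; there is no end user.
        raise ValueError("client_credentials must not carry user credentials")
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    headers = {"Authorization": "Basic " + basic,
               "Content-Type": "application/x-www-form-urlencoded"}
    return headers, urlencode(form)


def bearer_token(authorization):
    """Return the token from an 'Authorization: Bearer <token>' value, else None."""
    if not authorization:
        return None
    scheme, _, value = authorization.partition(" ")
    if scheme.lower() != "bearer" or not value.strip():
        return None
    return value.strip()


if __name__ == "__main__":
    # All names, secrets and tokens below are constructed sample values.
    for grant, user in (("password", ("alice", "s3cret")),
                        ("client_credentials", (None, None))):
        headers, body = token_request(grant, "demo-client", "demo-secret",
                                      "/sample-scope", *user)
        print(grant, "->", body)
    # Missing header, token without the scheme, and the correct form.
    for sent in (None, "AAIkexample", "Bearer AAIkexample"):
        print(repr(sent), "->", bearer_token(sent))
```
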
