Important Considerations for Using OAuth Features
Keep the following points in mind when using OAuth features:
If you are using
webMethods Enterprise Gateway to process requests from external clients, keep in mind that OAuth configuration settings in
Integration Server Administrator (
Security > OAuth) are only available on
Integration Servers that do not act as an
Enterprise Gateway Server. The Internal Server that sits behind the firewall processes all OAuth requests. For more information about
webMethods Enterprise Gateway, see
Configuring
webMethods Enterprise Gateway .
In order for
Integration Server to log OAuth activity, the Security logger must be enabled and configured to log the following security areas: Authentication and Authorization. For detailed instructions on enabling the security logger and selecting security areas to audit, see the
webMethods Audit Logging Guide.
For OAuth authorization failures to appear in the error log, the watt.server.oauth.log.authErrors server configuration parameter must be set to true. By default, this parameter is set to false, meaning
Integration Server does not write OAuth authorization errors to any log.