OAuth2 Authentication
This action uses the OAuth 2.0 authentication to validate incoming requests from clients. Mediator authorizes the OAuth 2.0 credentials (access token) against a list of all global consumers available in the Mediator.
This action uses the NTLM authentication to validate incoming requests from clients. Mediator authorizes the credentials against a list of all global consumers available in the Mediator.
If the access token value in the Authorization header cannot be authenticated as a valid Integration Server user (or if the Authorization header is not present in the request), a 500 SOAP fault is returned, and the client is presented with a security challenge. If the client successfully responds to the challenge, the user is authenticated. If the client does not successfully respond to the challenge, a "WWW-Authenticate: OAuth" response is returned and the invocation is not routed to the policy engine. As a result, no events are recorded for that invocation, and its key performance indicator (KPI) data are not included in the performance metrics.
If none of the authentication actions (
HTTP Basic Authentication,
NTLM Authentication or
OAuth2 Authentication) is configured for a proxy API,
Mediator forwards the request to the native API, without attempting to authenticate the request.
Input Parameters
Authenticate Using | String. Specifies the OAuth2 access token for authenticating client requests to the native API. |
Value | Description |
Existing Token | Default. Mediator uses the OAuth2 access token specified in the HTTP "Authorization" header to validate client requests for a native API. |
Custom Token | Mediator uses the access token you specify in the OAuth2 Token, field to validate client requests for a native API. |
Field | Description |
OAuth2 Token | String. Mandatory. Specifies an OAuth2 access token to be deployed by Mediator. The consumer need not pass the OAuth2 token during service invocation. |