Outbound OAuth2
Overview
The Outbound OAuth2 Policy allows the API usage by authorized users and applications. This policy sets specific OAuth2 parameters such as authorization URL's which are generated through access tokens with client credentials (client ID and client secret) to enforce OAuth2 authentication for upstream API calls. Preconfigured OAuth2 accounts are needed for connection with the backend service, so you can access third-party URL's through the Proxy.
The OAuth2 Outbound Policy is not available for APIs and API versions.
The accounts used in the policy automatically reflect the changes made in the OAuth2 account itself.
If you delete an account, it will invalidate the policy and will display an error when the deleted account is referenced. In this case, you must select another account by navigating to the Policy Setting.
Prerequisites
Preconfigured Valid and Authenticated OAuth2 Accounts
Supported Account Types
REST OAuth2 Account
REST Dynamic OAuth2 Account
Azure AD OAuth2 Account
HTTP Client OAuth2 Account
OAuth SSL Accounts
Policy Execution Order
The Outbound OAuth2 Policy executes after all policies, when the proxy calls the upstream API.
All expression enabled fields take expressions from the SnapLogic Expression Language and the API Policy Manager functions.
Settings and Account Tab
Field names with an '*' (Asterisk symbol) suffix are mandatory fields.
Parameter Name | Field Type | Description | Default Value | Example | |
---|---|---|---|---|---|
Setting Tab | |||||
Label* | String | Required. The name for the API policy. | Outbound OAuth2 | Outbound RESTOAuth2.0 Policy | |
When this policy should be applied | String/Expression | An expression enabled field that determines the condition to be fulfilled for the API policy to execute. For example, if the value in this field is request.method == "POST", the API policy is executed only if the request method is a POST. | N/A | request.method == “POST” | |
Token Location* | Dropdown List | Select the Token location as Header/Body/Query | Header | Header | |
Header | Authorization Scheme* | Dropdown List | Select Bearer/Custom Authorization Scheme if you have selected the Header option from the dropdown list. | Bearer | Bearer |
| Custom Authorization Scheme
| String | Add your Custom Authorization Scheme here. |
| N/A |
Body | Request Body Key
| String | Enter JSON key with the value of the token. | N/A | N/A |
Query | Query String Parameter Name
| String | Name the Query String Parameter. | N/A | N/A |
Status | Dropdown List | Specifies whether the API policy is enabled or disabled. | Enabled | Enabled | |
Account Tab | |||||
Account Reference* | Dropdown List | Select a preconfigured OAuth2 account from the dropdown list that is configured in the Global Org >Shared Folder. | N/A | ../../shared/OutboundPolicyRestOAuth2 |
Have feedback? Email documentation@snaplogic.com | Ask a question in the SnapLogic Community
© 2017-2024 SnapLogic, Inc.