OAuth2 tokens and API keys
If you have configured the API key in Request Header or in Query String, the PingIntelligence Dashboard reads and converts these values to apikey_qs
or apikey_header
values in the API Security Enforcer (ASE) API JavaScript Object Notation (JSON).
The PingIntelligence artificial intelligence (AI) engine considers API key values only in request headers or the query string.
Similarly, if you have configured an OAuth2 token, the PingIntelligence Dashboard marks the value of oauth2_access_token
as true
in the ASE API JSON.
You do not need to configure any tags for API keys or an OAuth2 token. |
The following API JSON file shows the converted parameters. The protocol
, url,
and hostname
values are picked from the values that you configure in Resource path when you create the Frontend API.
{
"api_metadata": {
"protocol": "https", "url": "/shop", "hostname": "192.168.11.103", "cookie": "JSESSIONID",
"cookie_idle_timeout": "",
"logout_api_enabled": false,
"cookie_persistence_enabled": false,
"oauth2_access_token":true, "apikey_qs": "KeyId", "apikey_header": "",
"enable_blocking": true,
"login_url": "/shop/login",
"api_mapping": {
"internal_url": ""
},
"api_pattern_enforcement": {
"protocol_allowed": "",
"http_redirect": {
"response_code": "",
"response_def": "",
"https_url": ""
},
"methods_allowed": [],
"content_type_allowed": "",
"error_code": "",
"error_def": "",
"error_message_body": ""
},
"flow_control": {
"client_spike_threshold": "0/second",
"server_connection_queueing": false
},
"api_memory_size": "64mb",
"health_check": false,
"health_check_interval": 60,
"health_retry_count": 4,
"health_url": "/",
"server_ssl": false
"servers": [],
"decoy_config": {
"decoy_enabled": false,
"response_code": 200,
"response_def": "",
"response_message": "",
"decoy_subpaths": []
}
}
}