PingIntelligence for APIs provides the OAuthPolicy.xml policy to capture user information from requests sent to the Apigee gateway. The policy verifies the access token from the bundled Apigee OAuth server and extracts the username, the client ID, and other request metadata. It can verify access tokens supplied in a request header or in a query parameter.
The OAuthPolicy extracts the request metadata tagged to an access token. Execute it before the PingIntelligence policy that builds the ASE request message, because that policy captures the username and client ID from the metadata that OAuthPolicy extracts.
The OAuthPolicy can be attached using a Flow Hook or a Flow Call Out. For more information, see Deploy PingIntelligence Policy for Flow Hook and Deploy PingIntelligence Policy for Flow Call Out.
Deploying OAuthPolicy.xml with a Flow Call Out policy is advised, because a Flow Call Out can be applied on a per-API basis. For more information, see Configure PingIntelligence Flow Call Out in Apigee. The following screenshot illustrates the PingIntelligence shared flow with OAuthPolicy.
Configure apigee.properties file to capture the user information
Additionally, set the configuration properties in the apigee.properties file to extract the user information using the PingIntelligence OAuthPolicy. For more information, see Configure apigee.properties file to extract user information.
enable_oauth_policy variable in apigee.properties to false.