Get application information from an access token using the Apigee GetOAuthV2Info policy

This procedure applies to proxies that use the OAuth 2.0 policy, specifically together with the VerifyAccessToken operation. To obtain the information, follow the steps below.

(should execute in the preflow of the ProxyEndpoint)

  1. After the VerifyAccessToken operation, use the ExtractVariables policy to obtain the value of the client’s access token.
  2. GetOAuthV2Info should use the access token. This policy will generate several flow variables.

Below is the workflow.

OAuthV2 (VerifyAccessToken)

The policy configuration is the default.

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<OAuthV2 async="false" continueOnError="false" enabled="true" name="verify-oauth-v2-access-token">
    <DisplayName>Verify OAuth v2.0 Access Token</DisplayName>
    <Operation>VerifyAccessToken</Operation>
</OAuthV2>

ExtractVariables

This is the most important one. The ExtractVariables policy allows us to, well, extract variables from a request. In our case, we are trying to extract the value from the request's Authorization header.

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ExtractVariables async="false" continueOnError="false" enabled="true" name="EV-GetOAuthToken">
    <DisplayName>EV-GetOAuthToken</DisplayName>
    <Header name="Authorization">
        <Pattern ignoreCase="false">Bearer {oauthtoken}</Pattern>
    </Header>
</ExtractVariables>

Take note of {oauthtoken} in the Bearer {oauthtoken} pattern: this is the variable that we will use for the GetOAuthV2Info policy.

GetOAuthV2Info

Now, we are ready to use the GetOAuthV2Info.

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<GetOAuthV2Info async="false" continueOnError="false" enabled="true" name="OA-GetAppInfo">
    <DisplayName>OA-GetAppInfo</DisplayName>
    <AccessToken ref="oauthtoken"/>
</GetOAuthV2Info>

If the execution is successful, GetOAuthV2Info will generate a set of flow variables that you can use. They are accessible through this format:

oauthv2accesstoken.{Policy Name}.client_id

In my case, it will be oauthv2accesstoken.OA-GetAppInfo.client_id for getting the client ID of the application. For the complete list of flow variables, please see the reference in the Apigee documentation.
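
The following ProxyEndpoint attaches the three policies above to the request PreFlow in the order the procedure requires, so the token lookup only ever runs on a token that VerifyAccessToken has already accepted. It is an added example, not part of the original post; the endpoint name, base path, route rule and the condition on the last step are assumptions.

```xml
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<!-- Constructed example: endpoint name, base path and route are assumptions -->
<ProxyEndpoint name="default">
    <PreFlow name="PreFlow">
        <Request>
            <!-- 1. Reject the request unless the bearer token is valid.
                 continueOnError="false" on the policy stops the flow here on failure. -->
            <Step>
                <Name>verify-oauth-v2-access-token</Name>
            </Step>
            <!-- 2. Copy the token from the Authorization header into "oauthtoken" -->
            <Step>
                <Name>EV-GetOAuthToken</Name>
            </Step>
            <!-- 3. Look up the token's application details.
                 The condition skips the lookup if step 2 did not match the
                 "Bearer {oauthtoken}" pattern and left the variable unset. -->
            <Step>
                <Name>OA-GetAppInfo</Name>
                <Condition>oauthtoken != null</Condition>
            </Step>
        </Request>
        <Response/>
    </PreFlow>
    <HTTPProxyConnection>
        <BasePath>/example</BasePath>
    </HTTPProxyConnection>
    <RouteRule name="default">
        <TargetEndpoint>default</TargetEndpoint>
    </RouteRule>
</ProxyEndpoint>
```

Policies placed after the third step can read oauthv2accesstoken.OA-GetAppInfo.client_id, but should treat it as unset whenever the condition on that step was not met.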