OAuth2 Gateway

OAuth2 Gateway

The OAuth2 Gateway is a special purpose version of the HTTP Gateway. It is able to perform HTTP requests to resource servers that are protected with OAuth2 op OpenID Connect (OIDC).

The OAuth2 Gateway supports the OAuth2 "Client Credentials" grant type. This grant type allows backend application to request access tokens from authorization servers. It requires a client ID, client secret and token URI.

A client should be registered with the OAuth2 authorization server before using the OAuth2 Gateway and granted permission to acquire access tokens via the client credentials grant type. After registering a client with the authorization server, you should have a client ID and client secret.

The token URI is a global property of your authorization server. Consult your administrator or the authorization server's documentation to discover its value. This URI is used by clients to request access tokens.

Please note that the OAuth2 Gateway does not support the "Authorization Code" grant type. The ConnectAgent is intended be run as a backend application and as such cannot support this grant type which requires a user to be present at times to log in.

In the table below, you will find an explanation of these properties. All attributes with a ‘*’ are mandatory.

Attribute Description
Name* By default, we fill this out with the technical ‘tag’, followed by a serial number. Changing the name is optional.
Enabled Set this value to true, if you want this service to be enabled at startup
MessagePart In Specify the name of the MessagePart, which will be used as input. The value of this MessagePart becomes the POST data in a POST request or is used as the URL, depending on the definition of the URL parameter.
MessagePart Out Specify the name of the MessagePart, which will be used as output for the service method. The response of the HTTP request is put on this MessagePart.
URL* The URL location where the HTTP request has to go.
HTTP Method Choose the HTTP Method.
Encode URI Switch to enable or disable the encoding of URLs. The default is true.
Timeout Maximum time in milliseconds to wait on a single request. Default is '0' which means indefinitely.
Mapped Request Headers A comma separated list of headers to be mapped from the ConnectMessage to the HTTP request.
Mapped Response Headers A comma separated list of headers to be mapped from HTTP response to the ConnectMessage.
Content Type Specify the value of the Content-Type header.
Token URI* The authorization server's token endpoint used to request new access tokens.
Client ID* The client ID used for OAuth 2.0.
Client Secret* The client secret used for OAuth 2.0.
OAuth2 Scopes An optional comma separated list of OAuth2 scopes.
Use Form URL Encoded Switch to enable or disable use application/x-www-form-urlencoded.
Expected Response Type Class to specify return type. The default is a 'java.lang.String'.
Description Description of the specific service. This is for documentation purposes.