End-to-end OAuth for APIs in less than 5 minutes!


How quickly can you enable OAuth on an API and let client applications be built against it rapidly? With the new OAuth 2.0 policy that is now available with the Anypoint Platform for APIs, the answer is no more than five minutes! Have a look for yourself with the following viewlet:


 

  • Designing an API that is OAuth 2.0 protected by specifying an OAuth 2.0 security scheme in its RAML specification and implementing it with Anypoint Studio.
  • Enabling an OAuth 2.0 provider that can use any LDAP server and ensuring that the API requires valid OAuth tokens through the simple application of policies, on the fly, using Anypoint API Manager.
  • Testing and interacting with the API’s now OAuth-protected resources through its RAML console, using a client ID and client secret that can be obtained through the Anypoint API Portal’s application registration feature.

Note that the OAuth 2.0 policy supports all of the OAuth 2.0 grant types, allows for the use of refresh tokens, and also supports OAuth scopes. The feature is currently in beta mode as it only works with the Mule 3.5 early access release. You can also download the sample application used in the viewlet right here and try out the steps by yourself.
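
As an added illustration (not the sample application from the viewlet, and not MuleSoft's own file), this is how an OAuth 2.0 security scheme with all four grant types and scopes can be declared in a RAML 0.8 specification. The API title, the scheme name `oauth_2_0`, the scope names and the localhost URIs are placeholders.

```yaml
#%RAML 0.8
title: Example API                      # placeholder title

securitySchemes:
  - oauth_2_0:                          # scheme name (assumption); securedBy must use this exact key
      description: Resources require a valid OAuth 2.0 access token.
      type: OAuth 2.0                   # RAML 0.8 built-in type, written with the space
      describedBy:
        headers:
          # Token travels in the Authorization header, which keeps it
          # out of URLs, browser history and access logs.
          Authorization:
            description: Bearer access token, sent as "Bearer <token>".
            type: string                # RAML type names are lowercase
        responses:
          401:
            description: Access token is missing, expired or invalid.
          403:
            description: Access token is valid but lacks the required scope.
      settings:
        authorizationUri: http://localhost:9091/authorize      # placeholder
        accessTokenUri: http://localhost:9091/access-token     # placeholder
        # RAML 0.8 names for the four OAuth 2.0 grant types:
        # authorization code, implicit, resource owner password, client credentials
        authorizationGrants: [code, token, owner, credentials]
        scopes: [READ, WRITE]           # placeholder scope names

# Apply the scheme to every resource by default
securedBy: [oauth_2_0]

/hello:
  get:
    # Narrow this method to a single scope
    securedBy: [oauth_2_0: { scopes: [READ] }]
    description: Returns a greeting.
    responses:
      200:
        description: Success
        body:
          text/plain:
            example: hello
```

Listing only the grants that client applications actually need in `authorizationGrants` keeps the published contract as narrow as the deployment.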

Go on, give it a spin, and see how easy it is to make OAuth possible with the Anypoint Platform for APIs.




2 Responses to “End-to-end OAuth for APIs in less than 5 minutes!”

  1. Looks pretty good with RAML. But audio is missing.

  2. It says invalid RAML. Could you please share your RAML file?

    Is anything wrong here?

    #%RAML 0.8

    title: My API
    securedBy: [OAuth2.0]
    documentation:
      - title: Domestic Rating API
        content: |
          This is blah blah
    securitySchemes:
      -OAuth 2.0:
          type: OAuth2.0
          describedBy:
            queryParameters:
              access_token:
                description:|
                  blah blah
                type: String

          settings:
            authorizationUri: http://localhost:9091/authorize
            accessTokenUri: http://localhost:9091/access-token
            authorizationGrants: [token]
    /hello:
      get:
        description: hello
        responses:
          200:
            description: Success
            body: application/text: