GetOAuthV1Info policy

You're viewing Apigee Edge documentation.
View Apigee X documentation.

What

Gets attributes of tokens and keys and populates flow variables with the values of those attributes. This policy type can be useful when you need to configure dynamic, conditional behavior based on a value in a token or key. Whenever token validation occurs, variables are automatically populated with the values of token attributes. However, in cases where token validation has not occured, you can use this feature to explicity populate variables with these attribute values. See also OAuth v1.0a policy.

Element Reference

The element reference describes the elements and attributes of the GetOAuthV1Info policy.

<GetOAuthV1Info async="false" continueOnError="false" enabled="true" name="Get-OAuth-v10a-Info-1">
    <DisplayName>Get OAuth v1.0a Info-1</DisplayName>
    <ConsumerKey ref="{flow.variable}">{value}</ConsumerKey>
    <RequestToken ref="{flow.variable}">{request token}</RequestToken>
    <AccessToken ref="{flow.variable}">{access token}</AccessToken>
    <OAuthConfig ref="{flow.variable}">{config}</OAuthConfig>
</GetOAuthV1Info>

<GetOAuthV1Info> attributes

<GetOAuthV1Info async="false" continueOnError="false" enabled="true" name="Get-OAuth-v10a-Info-1">

The following table describes attributes that are common to all policy parent elements:

Attribute	Description	Default	Presence
`name`	The internal name of the policy. The value of the `name` attribute can contain letters, numbers, spaces, hyphens, underscores, and periods. This value cannot exceed 255 characters. Optionally, use the `<DisplayName>` element to label the policy in the management UI proxy editor with a different, natural-language name.	N/A	Required
`continueOnError`	Set to `false` to return an error when a policy fails. This is expected behavior for most policies. Set to `true` to have flow execution continue even after a policy fails.	false	Optional
`enabled`	Set to `true` to enforce the policy. Set to `false` to turn off the policy. The policy will not be enforced even if it remains attached to a flow.	true	Optional
`async`	This attribute is deprecated.	false	Deprecated

<DisplayName> element

Use in addition to the name attribute to label the policy in the management UI proxy editor with a different, natural-language name.

<DisplayName>Policy Display Name</DisplayName>

Default

Default	N/A If you omit this element, the value of the policy's `name` attribute is used.
Presence	Optional
Type	String

N/A

If you omit this element, the value of the policy's name attribute is used.

Presence Optional

Type String

<AccessToken> element

Verifies the access token and retrieves all the attributes. The resource has to be set in the flow in the variable flow.resource.name. On success, the attributes are available as flow variables.You pass in a either a variable that contains the access token string or a literal token string (rare case). In this example, the access token is retrieved from a query parameter passed in a request.

<AccessToken ref="request.queryparam.access_token"></AccessToken>

Default:	`request.formparam.access_token` (`x-www-form-urlencoded` and specified in the request body)
Presence:	Optional
Type:	String
Valid values:	Either a flow variable containing an access token string, or a literal string.

<ConsumerKey> element

Retrieves the profile for a consumer key. You pass in a either a variable that contains the access token string or a literal token string (rare case). In this example, the access token is retrieved from a query parameter passed in a request.

<ConsumerKey ref="request.queryparam.consumer_key"></ConsumerKey>

Default:	`request.formparam.consumer_key` (`x-www-form-urlencoded` and specified in the request body)
Presence:	Optional
Type:	String
Valid values:	Either a flow variable containing an access token string, or a literal string.

<OAuthConfig> element

Verifies the OAuth config information.

<OAuthConfig ref="request.queryparam.oauth_config"></OAuthConfig>

Default:	`request.formparam.access_token` (`x-www-form-urlencoded` and specified in the request body)
Presence:	Optional
Type:	String
Valid values:	Either a flow variable containing an access token string, or a literal string.

<RequestToken> element

Retrieves the profile for an request token. You pass in a either a variable that contains the access token string or a literal token string (rare case). In this example, the access token is retrieved from a query parameter passed in a request.

<RequestToken ref="request.queryparam.request_token"></RequestToken>

Default:	`request.formparam.request_token` (`x-www-form-urlencoded` and specified in the request body)
Presence:	Optional
Type:	String
Valid values:	Either a flow variable containing an access token string, or a literal string.

Flow variables

The GetOAuthV1Info policy populates these variables, and is typically used in cases where you need the profile data, but where a grant or validation has not occurred yet. .

Consumer Key variables

These variables are populated when the <ConsumerKey> operation executes:

oauthconsumer.{policy_name}.oauth_consumer_key
oauthconsumer.{policy_name}.oauth_consumer_key
oauthconsumer.{policy_name}.{app_attribute_name}
oauthconsumer.{policy_name}.{app_key_attribute_name}

Access token and request token variables

These variables are populated when the <AccessToken> or <RequestToken> operation executes:

oauth_token
oauth_token_secret

developer.app.name
developer.id

apiproduct.name
apiproduct.<custom_attribute_name>

Policy-specific error codes

See OAuth HTTP error response reference.

Schema

Each policy type is defined by an XML schema (.xsd). For reference, policy schemas are available on GitHub.

Error codes

No error codes are specified for the Get OAuth v1.0a Info policy.