remkohdev
Add a Security Definition to your API


Last updated 5 years ago


  1. Create a Security Definition

    • Open your API in the Design editor to add OAuth security.

    • Jump to the Security Definitions section from the left menu.

    • Click the Add icon in the Security Definitions section to add a new security definition.

    • Select OAuth.

    • In Introspection URL, enter the Custom AppID API endpoint, e.g. `https://api.<api region>.apiconnect.appdomain.cloud/<username>-dev/sb/custom-appid-api/introspect`, or the Node-RED POST /introspect endpoint, `https://<nodered-app-name>.<nodered-region>.cf.appdomain.cloud/introspect`.

    • Under Flow, select type Application.

  2. Enable Security

    • Jump to the Security section from the left menu.

    • Click the Add icon to add a new security.

    • Check the security option for the OAuth definition that was added.

    • Browse to the Source tab.

    • A security definition should have been added to the OpenAPI spec source:

    securityDefinitions:
      oauth-1:
        type: oauth2
        description: ''
        flow: application
        scopes: {}
        x-tokenIntrospect:
          url: 'https://api.<api region>.apiconnect.appdomain.cloud/<username>-dev/sb/custom-appid-api/introspect'
    security:
      - oauth-1: []

    • Or, when using the Node-RED Test Server endpoints:

    securityDefinitions:
      oauth-1:
        type: oauth2
        description: ''
        flow: application
        scopes: {}
        x-tokenIntrospect:
          url: 'https://<nodered-app-name>.<nodered-region>.cf.appdomain.cloud/introspect'
    security:
      - oauth-1: []

    • From the top right, select the save icon.

    • From the top right drop-down menu, select the option Add to existing products or, if you do not have a product yet, select the option Generate a default product.

    • Select the product to add your API draft to.

    • Your API should now be protected by AppID using OAuth OIDC with grant_type=password.
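
An added example, not part of the original page or of API Connect: a Python check to run over the saved OpenAPI source to confirm that the introspection URL is a real https URL and that every operation is still covered by the OAuth definition. In Swagger 2.0 an operation-level `security` key replaces the API-level list, and `security: []` switches it off. The sample spec, its paths and the host `gateway.example.com` are constructed; the function assumes the YAML has already been parsed into a dict.

```python
from urllib.parse import urlparse

HTTP_METHODS = {"get", "put", "post", "delete", "options", "head", "patch"}

def audit_spec(spec):
    """Return a list of findings for a parsed Swagger 2.0 document (dict)."""
    findings = []
    introspected = set()  # oauth2 definitions that delegate to an introspection URL
    for name, d in spec.get("securityDefinitions", {}).items():
        if d.get("type") != "oauth2" or "x-tokenIntrospect" not in d:
            continue
        introspected.add(name)
        url = d["x-tokenIntrospect"].get("url", "")
        parsed = urlparse(url)
        if "<" in url or ">" in url:
            findings.append(f"{name}: introspection URL still contains a placeholder")
        elif parsed.scheme != "https" or not parsed.netloc:
            findings.append(f"{name}: introspection URL must be an absolute https URL")
    if not introspected:
        findings.append("no oauth2 definition with x-tokenIntrospect")
    global_sec = spec.get("security", [])
    for path, item in spec.get("paths", {}).items():
        for method, op in item.items():
            if method not in HTTP_METHODS:
                continue
            # Operation-level `security` replaces the API-level list; [] disables it.
            effective = op.get("security", global_sec)
            # Requirements are alternatives (OR), so each one must name an introspected scheme.
            if not effective or not all(introspected & set(req) for req in effective):
                findings.append(f"{method.upper()} {path}: not protected by introspected OAuth")
    return findings

# Constructed sample: the page's oauth-1 definition plus two hypothetical paths.
SAMPLE = {
    "securityDefinitions": {"oauth-1": {
        "type": "oauth2", "description": "", "flow": "application", "scopes": {},
        "x-tokenIntrospect": {
            "url": "https://gateway.example.com/sb/custom-appid-api/introspect"}}},
    "security": [{"oauth-1": []}],
    "paths": {
        "/orders": {"get": {"responses": {"200": {"description": "ok"}}}},
        "/health": {"get": {"security": [], "responses": {"200": {"description": "ok"}}}},
    },
}

if __name__ == "__main__":
    for finding in audit_spec(SAMPLE):
        print(finding)
```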