Optional: Add Node-RED Test Server

Create a Node-RED instance that copies the workflow of the /token and /introspect requests. This is the exact workflow that the Gateway Script in the DataPower Gateway in API Connect Assembly should implement, but testing the workflow in Node-RED is a lot easier and quicker, and will validate the remaining of the configuration of API Connect.

  • Search the catalog... for Node-RED Starter, or

  • Go to or browse to the Starter Kits category,

  • Select the Node-RED Starter service,

  • Optionally, choose to change the region,

  • Enter a globally unique App name,

  • Optionally, change the Domain to <region>.cf.appdomain.cloud,

  • Click the Create button,

Create the /introspect workflow in NodeRed

  • Wait until the Node-RED instance successfully running,

  • Click the Visit App URL link to open the Node-RED app, the Node-RED configuration page loads,

  • Click Next,

  • Enter a username and password to secure your instance,

    • Flows and changes to Node-RED are written to Cloudant NoSQL database, so you want to secure access in order to protect your flows,

  • Optionally, check the option Allow anyone to view the editor, but not make any changes,

  • Click Next, Next and Finish,

  • Once your settings are applied, you see the Node-RED home page,

  • Make note of the URL of the Node-RED home page, e.g. https://<nodered-app-name>.us-south.cf.appdomain.cloud/, you will need this to configure the API Connect Security Definition to secure your API,

  • Click the Go to your Node-RED flow editor button in the web page, to load the Node-RED editor,

  • Enter your username and password,

  • Click Login,

  • The Node-RED editor loads,

  • Copy the Flow JSON at the bottom of the page,

  • Go back to the Node-RED editor,

  • From the top-right menu, go to Import

  • Drag the imported workflow to the top left of the editor,

  • Click the Deploy button in the top-right of the page,

Configure the /introspect workflow in NodeRed

  • In the Node-RED editor, double click the first http request node, which opens the node's configuration window for the POST /token request,

  • Change the URL by replacing tenantid by your AppID tenantid,

  • Under Use authentication, change the Username by the ClientID of your AppID credentials,

  • Under Use authentication, change the Password by the secret of your AppID credentials,

  • Make sure the Return is set to a parsed JSON object,

  • In the Node-RED editor, double click the second http request node, which opens the node's configuration window for the POST /introspect request,

  • Change the URL by replacing tenantid by your AppID tenantid,

  • Under Use authentication, change the Username by the ClientID of your AppID credentials,

  • Under Use authentication, change the Password by the secret of your AppID credentials,

  • Make sure the Return is set to a parsed JSON object,

  • Click the Deploy button,

  • Optionally, link the nodes to the logs or Debug nodes to display debugging information in the right side bar,

  • Click the Deploy button again if you made any changes,

  • You now should have an POST /introspect endpoint accessable at POST https://<nodered-app-name>.us-south.cf.appdomain.cloud/introspect,