Optional: Add Node-RED Test Server

Create a Node-RED instance that copies the workflow of the /token and /introspect requests. This is the exact workflow that the Gateway Script in the DataPower Gateway in API Connect Assembly should implement, but testing the workflow in Node-RED is a lot easier and quicker, and will validate the remaining of the configuration of API Connect.

• Go to the IBM Cloud Catalog,

• Search the catalog... for Node-RED Starter, or

• Go to or browse to the Starter Kits category,

• Select the Node-RED Starter service,

• Optionally, choose to change the region,

• Enter a globally unique App name,

• Optionally, change the Domain to <region>.cf.appdomain.cloud,

• Click the Create button,

Create the /introspect workflow in NodeRed

• Wait until the Node-RED instance successfully running,

• Click the Visit App URL link to open the Node-RED app, the Node-RED configuration page loads,

• Click Next,

• Enter a username and password to secure your instance,

  • Flows and changes to Node-RED are written to Cloudant NoSQL database, so you want to secure access in order to protect your flows,

• Optionally, check the option Allow anyone to view the editor, but not make any changes,

• Click Next, Next and Finish,

• Once your settings are applied, you see the Node-RED home page,

• Make note of the URL of the Node-RED home page, e.g. https://<nodered-app-name>.us-south.cf.appdomain.cloud/, you will need this to configure the API Connect Security Definition to secure your API,

• Click the Go to your Node-RED flow editor button in the web page, to load the Node-RED editor,

• Enter your username and password,

• Click Login,

• The Node-RED editor loads,

• In the top right, click the Profile icon, and make sure you are logged in, to have editor rights,

• Go to the Node-RED flow to Integrate API Connect with AppID OAuth OIDC Provider for Easy API Security

• Copy the Flow JSON at the bottom of the page,

• Go back to the Node-RED editor,

• From the top-right menu, go to Import

• Paste the copied Flow JSON from the Integrate API Connect with AppID OAuth OIDC Provider for Easy API Security flow,

• Click Import,

• Drag the imported workflow to the top left of the editor,

• Click the Deploy button in the top-right of the page,

Configure the /introspect workflow in NodeRed

• In the Node-RED editor, double click the first http request node, which opens the node's configuration window for the POST /token request,

• Change the URL by replacing tenantid by your AppID tenantid,

• Under Use authentication, change the Username by the ClientID of your AppID credentials,

• Under Use authentication, change the Password by the secret of your AppID credentials,

• Make sure the Return is set to a parsed JSON object,

• In the Node-RED editor, double click the second http request node, which opens the node's configuration window for the POST /introspect request,

• Change the URL by replacing tenantid by your AppID tenantid,

• Under Use authentication, change the Username by the ClientID of your AppID credentials,

• Under Use authentication, change the Password by the secret of your AppID credentials,

• Make sure the Return is set to a parsed JSON object,

• Click the Deploy button,

• Optionally, link the nodes to the logs or Debug nodes to display debugging information in the right side bar,

• Click the Deploy button again if you made any changes,

• You now should have an POST /introspect endpoint accessable at POST https://<nodered-app-name>.us-south.cf.appdomain.cloud/introspect,