Creating a Token and Resource Endpoint

Creating a Token and Resource Endpoint

book

Article ID: KB0075105

calendar_today

Updated On:

Products Versions
TIBCO Cloud API Management -

Description

A token endpoint can be created in an API for generating OAuth tokens that can be used for accessing resource endpoints of the same API. This document will give a step by step guide for creating a token endpoint and a resource endpoint from Mashery Control Center. The calls for the token endpoint and the resource endpoint are given at the end of the document.

Resolution

Creating a token and resource endpoint.

1). Create a new API by navigating to Design -> APIs. In this document we create the API manually.

User-added image 

2). Once the API is created navigate to Design -> APIs -> {API name} -> Security Settings and Enable OAuth 2.0. 

User-added image

3).  Enable the "Mashery Token API" configuration for the API which can be found in the "Security Settings" tab and save the configuration. This setting allows us to create token endpoints.

User-added image

4). After the configurations in the "Security Settings" tab are saved, proceed to "API Definition & Endpoint List" tab and click on "Create your first Token Endpoint" link.

User-added image

5). Set the public endpoint address for the token endpoint that includes the hostname and request path. Click on "Create".

User-added image

6). Once the token endpoint is created, a resource endpoint can be created by navigating to "API Definition & Endpoint List"  and making a "Resource" selection from the dropdown menu.

User-added image

7). Fill out the details for the "Public Endpoint Address" and "Your Endpoint Address" and click on "Create".

User-added image

8). After creating the resource endpoint navigate to {Resource Endpoint} -> Key and Method Detection and select the "Request Authentication Type" configuration as OAuth 2.0. Click on Save.

User-added image

9). The token endpoint and resource endpoint have been created successfully.

User-added image

10) Associate the API and the endpoints created with the respective Package and Plan. If a shared secret is to be generated along with the package key follow the below documentation for the configuration.
http://docs.mashery.com/design/GUID-C361C65A-FA13-499A-AB15-EE5FE86C780B.html

User-added image


Sample calls for the token and resource endpoints created above.
 Token Call: curl -i -H 'Content-Type: application/x-www-form-urlencoded' 'http://acme.api.mashery.com/tokenEP' -X POST -d 'client_id=<clientid>' -d 'grant_type=client_credentials' Resource Call: curl -i -H 'Authorization: Bearer <Authorization token from the token call>' -H 'Content-type: application/json' 'http://acme.api.mashery.com/resourceep'

Issue/Introduction

This article provides a step by step guide to creating a token and resource endpoint within an API using Mashery Control Center.