Pass Refresh token as a Header Authorization

unknown

Hi ALL,

    I have a requirement to pass Header Authorization token from ION API connector side. 

   1. I have updated my swagger document to pass Authorization  token value

           

  2. It is visible in ION API connection side

            

  3. I am thinking , how should I configure in ION API gateway side. 

        1.  I triedTarget Endpoint Security   as  Anonymous . I though this value will be override with Authorization  value will be override from  ION connector  value. But it is not working.

        2. I tried to setup API Key and hard code the value. This is working . But i need to set 

3. I think we need to pass connector Authorization   value to Header policy and need to override value . Appreciate it , if  can give your help to fix this issue .  

Thank you 

Regards

Priyantha

unknown

Hello Priyantha:

List of target security methods supported by ION API Gateway is well documented. See: https://docs.infor.com/ionapi/2021-x/en-us/ionapiag_cloud/default.html?helpcontent=bmg1489588707659.html -> point 9; 

It is not clear, if your target API is based on any of the above listed industry standard? Reading your requirement it feels like, your API is based on  (or similar to) OAuth patterns. If its indeed a standard OAuth2 based security, then select the appropriate grant on the target endpoint config and gateway will take care of the authentication. But, If its a custom pattern that requires a token be fetched first and attached for every API call as a custom header, this would need some kind of orchestration. If this is MT deployment, you can consider API Flows, where in the first step of the flow you would fetch the custom token from your API provider and in the second step attach that as the header parameter. From the ION Doc flow, you would then call the orchestrated API Flow endpoint instead of the actual target. Hope this helps. 

Best Regards

Vignesh