Sunday, December 3, 2023

How to use MuleSoft as OAuth Provider

Nowadays every application or API requires a security layer to protect it from unauthorized access.

Many security protocols are available, but OAuth2 is the leading one. MuleSoft provides the capability to build and deploy an OAuth2 Provider service using Anypoint Platform components.

In this blog, we will see how MuleSoft provides the OAuth2 Provider facility.

MuleSoft provides an OAuth2 Provider connector module, which is used to build an OAuth2 service. This OAuth service acts as an OAuth2 Provider/Server, which client applications use for various authentication purposes such as creating a client, validating a token, etc.

Create a sample project in Studio and download the OAuth Provider Module and Object Store from Exchange.


This is the project used to create a client, get a token and validate the token.

Drag and drop Create Client, which is available in the OAuth Provider Module, and specify the settings as shown below.

Drag and drop the Validate methods from the OAuth Provider Module and save the project.


Deploy it and test it.
1. Create a client and specify required parameters as shown below
http://localhost:8081/create

2. Get the token
http://localhost:8081/token

3. Validate the token
http://localhost:8081/validate
Now deploy this application onto CloudHub and apply it as an OAuth policy on any API.

How to create a sample RAML and define the Auto discovery feature.

Two applications are running in CloudHub: one is the business implementation API and the other is the MuleSoft OAuth provider logic.

Now, we will apply the OAuth provider policy on the business API.
Go to Policies and click on Add Policy.

Select the OAuth 2.0 access token enforcement policy.

Specify the validation URL, check Skip Client ID validation, and save it.
Note: The changes take around 30 sec to take effect.


Now test the Business API URL.
Before that, call the OAuth API to create a client ID and client secret.

http://mule-oauth-provider-109.us-e2.cloudhub.io/oauth/create

Get the token
http://mule-oauth-provider-109.us-e2.cloudhub.io/token


Use the access token and test the Business API.
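
To confirm the policy is really enforcing, test the failure paths as well as the happy path. The following Python script is an added example, not part of the original post: it assumes the provider has the client-credentials grant enabled with credentials accepted in the form body, that the API accepts the token as a Bearer header, and that the policy rejects with 400, 401 or 403; the environment variable names are hypothetical.

```python
import json, os
import urllib.error, urllib.parse, urllib.request

def http_send(method, url, headers=None, form=None):
    """Default transport: returns (status_code, body_text)."""
    data = urllib.parse.urlencode(form).encode() if form else None
    req = urllib.request.Request(url, data=data, headers=headers or {}, method=method)
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, resp.read().decode()
    except urllib.error.HTTPError as err:
        # 4xx/5xx responses are results we want to inspect, not crashes
        return err.code, err.read().decode()

def get_token(token_url, client_id, client_secret, send=http_send):
    """Client-credentials grant (RFC 6749, section 4.4). Assumption: enabled on the provider."""
    form = {"grant_type": "client_credentials",
            "client_id": client_id, "client_secret": client_secret}
    status, body = send("POST", token_url, form=form)
    if status != 200:
        raise RuntimeError(f"token request failed with HTTP {status}")
    return json.loads(body)["access_token"]

def check_enforcement(api_url, token, send=http_send):
    """Call the protected API three ways; every value should be True."""
    def status_for(bearer):
        headers = {"Authorization": f"Bearer {bearer}"} if bearer else {}
        return send("GET", api_url, headers=headers)[0]
    rejected = (400, 401, 403)  # assumption: the policy answers with one of these
    return {
        "no_token_rejected": status_for(None) in rejected,
        "bogus_token_rejected": status_for("not-a-real-token") in rejected,
        "valid_token_accepted": 200 <= status_for(token) < 300,
    }

if __name__ == "__main__":
    # Hypothetical environment variable names; set them to your own deployment's values.
    token = get_token(os.environ["TOKEN_URL"], os.environ["CLIENT_ID"],
                      os.environ["CLIENT_SECRET"])
    for case, passed in check_enforcement(os.environ["API_URL"], token).items():
        print(f"{'PASS' if passed else 'FAIL'}  {case}")
```

A FAIL on either rejection case means the business API answered without a valid token, for example because the policy has not yet taken effect or was applied to a different API instance.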




Many third-party authenticators are also available in the market. Based on your business case and cost, you can choose one of them.

Thanks for reading :-)
