Apigee Edge would need to be configured to trust the signing party, or the CA chain of the cert of the signing party.
After obtaining the token, the client (Ariba) would send the OAuth token in every request in the Authorization header. OAuth v2.0 tokens - via standard OAuth v2.0 grant types, including client_credentials or the RFC7523 JWT grant type.HttpSignature verification - the client needs to sign its request with its Consumer Secret and Apigee Edge verifies the signature using the API Key + Secret.You could send it as a header, or a query param, or even a URL path segment. API Key verification - basically the client needs to send in a secret API key with every request.You can configure your Apigee Edge API Proxy to do one or more of the following:
0 kommentar(er)
