Configuring OpenAM Client Providers in Access Management
Register API clients through OpenAM 14 by configuring an OpenAM client provider in Anypoint Platform. You map OAuth2 authorization, token, validation, and client management endpoints and admin token credentials to your deployment. Your organization keeps client provisioning in OpenAM and applies the OpenAM OAuth token enforcement policy to APIs through API Manager.
| Anypoint Platform doesn’t show plaintext client secrets or static authorization header values for API clients registered through external client providers. A Show control appears, but values remain masked. View your credentials in the external client provider. |
- Sign in to Anypoint Platform using an account that has the Organization Administrator permission.
- Select Access Management from the menu.
- In the Business Groups menu, select your root organization.
- In the Access Management navigation menu, click Client Providers.
- Click Add Client Provider, and then select OpenAM.
  The Add OpenAM client provider page appears.
- Fill in these required fields:
  - Version
    OpenAM version 14.
  - Admin Token Provider
    - Create URL
      The endpoint that creates an access token for OAuth authentication.
    - Username
      The name of the user requesting access.
    - Password
      The password of the user requesting access.
  - OAuth2 Authorization Provider, Authorize URL
    /oauth2/authorize, relative to the base path of the OpenAM application. Provide the absolute URL (base URI and path).
  - OAuth2 Token Provider, Create URL
    /oauth2/access_token, relative to the base path of the OpenAM application. Provide the absolute URL (base URI and path).
  - OAuth2 Token Validation Provider
    - Validate URL
      The token validation endpoint is /oauth2/tokeninfo, relative to the base path of the OpenAM application.
    - Username Token Mapping
      Name of user with privileges for creating new clients within the target OpenAM system.
  - OAuth2 Client Provider
    - Create URL
      The URL at which the OpenAM client management API resources are served. Normally the endpoint is located at /oauth2/client. Confirm with your OpenAM administrator.
    - Delete URL
      URL destination for sending a DELETE request to delete a test client.
    - Scopes
      Supported OAuth capabilities, such as READ and WRITE.
    - Default Scopes
      Default OAuth capabilities to use in the event the client app does not specify any.
- Save your configuration.
Now, you can apply the OpenAM OAuth Token Enforcement policy to your APIs.
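The endpoint values from the steps above can be checked for consistency before they are entered in the form. This is an added example, not MuleSoft or OpenAM code; the dictionary keys, the host openam.example.com, the placeholder paths, and the HTTPS requirement are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Path suffixes the page gives, relative to the OpenAM base path.
EXPECTED_SUFFIX = {
    "authorize_url": "/oauth2/authorize",
    "token_url": "/oauth2/access_token",
    "validate_url": "/oauth2/tokeninfo",
    "client_create_url": "/oauth2/client",  # "normally"; confirm with the OpenAM admin
}
URL_FIELDS = ["admin_token_url", *EXPECTED_SUFFIX, "client_delete_url"]


def check_provider_config(cfg):
    """Return a list of findings; an empty list means the values look consistent."""
    findings, bases = [], {}
    for field in URL_FIELDS:
        parts = urlsplit(cfg.get(field, ""))
        if not (parts.scheme and parts.netloc):
            findings.append(f"{field}: not an absolute URL")
            continue
        if parts.scheme != "https":
            # Assumption added here: admin credentials and tokens cross these endpoints.
            findings.append(f"{field}: uses {parts.scheme}, expected https")
        suffix = EXPECTED_SUFFIX.get(field)
        path = parts.path.rstrip("/")
        if suffix and not path.endswith(suffix):
            findings.append(f"{field}: path does not end with {suffix}")
        elif suffix:
            bases[field] = f"{parts.scheme}://{parts.netloc}{path[:-len(suffix)]}"
    if len(set(bases.values())) > 1:
        findings.append(f"endpoints resolve to different OpenAM base paths: {bases}")
    extra = set(cfg.get("default_scopes", [])) - set(cfg.get("scopes", []))
    if extra:
        findings.append(f"default scopes not in Scopes: {sorted(extra)}")
    return findings


# Constructed sample; paths marked "placeholder" stand in for values the page does not give.
BASE = "https://openam.example.com/openam"
SAMPLE = {
    "admin_token_url": BASE + "/admin-token-placeholder",
    "authorize_url": BASE + "/oauth2/authorize",
    "token_url": BASE + "/oauth2/access_token",
    "validate_url": BASE + "/oauth2/tokeninfo",
    "client_create_url": BASE + "/oauth2/client",
    "client_delete_url": BASE + "/client-delete-placeholder",
    "scopes": ["READ", "WRITE"],
    "default_scopes": ["READ"],
}
```

Calling `check_provider_config(SAMPLE)` returns an empty list; each mismatch, such as a relative path, a plain-HTTP endpoint, or a default scope missing from Scopes, produces one finding.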



