Contact Us 1-800-596-4880

Configure Client Management with OpenAM

  1. Log in to Anypoint Platform using an account that has the Organization Administrator permission.

  2. In the navigation bar or the main Anypoint Platform page, click Access Management.

  3. In the Business Groups menu, select your root organization.

  4. In the Access Management navigation menu, click Client Providers.

  5. Click Add Client Provider, and then select OpenAM.

    The Add OpenAM client provider page appears.

  6. Fill in the following required fields:

    • Version

      OpenAM version 14.

    • Admin Token Provider

      • Create URL

        The endpoint that creates an access token for OAuth authentication.

      • Username

        The name of the user requesting access.

      • Password

        The password of the user requesting access.

    • OAuth2 Authorization Provider, Authorize URL

      /oauth2/authorize, relative to the base path of the OpenAM application. Provide the absolute URL (base URI and path).

    • OAuth2 Token Provider, Create URL

      /oauth2/access_token, relative to the base path of the OpenAM application. Provide the absolute URL (base URI and path).

    • OAuth2 Token Validation Provider

      • Validate URL

        The token validation endpoint is /oauth2/tokeninfo relative to the base path of the OpenAM application.

      • Username Token Mapping

        Name of user with privileges for creating new clients within the target OpenAM system.

    • OAuth2 Client Provider

      • Create URL

        The URL at which the OpenAM client management API resources are served. Normally the endpoint is located at /oauth2/client. Confirm with your OpenAM administrator.

      • Delete URL

        URL destination for sending a DELETE request to delete a test client.

      • Scopes

        Supported OAuth capabilities, such as READ and WRITE.

      • Default Scopes

        Default OAuth capabilities to use in the event the client app does not specify any.

  7. Save your configuration.

Now, you can apply the OpenAM OAuth Token Enforcement policy to your APIs.