I like this way of using custom extension, but what if you like to hide the sensitive information used in that call. Lets say you need to send a clientID and clientSecret to get a token. You do not want that information to be in pain text in the policy for all API GW users to read?
Thanks for the tutorial, I have a Question when requesting the token (authorization) you sent the grant_type using query parameters, what if want to send it as a form ( in the body) not in the header or parameters. how can I achieve that? Much appreciated.
This should be possible using the panel "body". I used the header panel and query parameters. But you could use body as long as the authorization server supports it. Most likely encoding has to form url encoding also.
Hey!!!!! Congratulations on the channel!!!! Good to see your engaging with the platform. Keep up the good work! Cheers
Thanks a lot Luca. Appreciate your feedback.
Good explanation
Thanks for the thumbs up.
I like this way of using custom extension, but what if you like to hide the sensitive information used in that call. Lets say you need to send a clientID and clientSecret to get a token. You do not want that information to be in pain text in the policy for all API GW users to read?
Thanks for the tutorial,
I have a Question when requesting the token (authorization) you sent the grant_type using query parameters, what if want to send it as a form ( in the body) not in the header or parameters. how can I achieve that?
Much appreciated.
This should be possible using the panel "body". I used the header panel and query parameters. But you could use body as long as the authorization server supports it. Most likely encoding has to form url encoding also.
👍
Thanks 😊
Can please remove the background music and re-upload
😀
Sorry about that. 😢 I will give it a try though.