Since Web Services expose crucial business information online, their security is critical for the business. You can secure a web service by using a Security Policy activity.

OAuth Authentication is supported only for REST Web Service Consumer activity.

To configure Security Policy with OAuth Authorization, first you need to create OAuth Profile and then OAuth Account.

OAuth Profile helps to configure the OAuth related parameters like Application credentials, Authorization/Access Token URLs etc. to get the access token from the API provider.

Follow the steps below to create OAuth Profile:

Click Configure > ACCOUNTS > OAuth Profile.
Click CREATE OAuth Profile.
On the Create OAuth Profile window, provide the name of the new OAuth Profile in the Provide a name for this OAuth profile field.

Enter the values in each field of Access Information.

Field Name	Description
OAuth Version	The protocol version to use to connect with your OAuth provider.
OAuth Grant Type	The way the application should interact with your OAuth provider to obtain access token.
Client Identifier	The client identifier issued to the client during the application registration process.
Client Secret	The client secret issued to the client during the application registration process.
Access Token URL	The endpoint for authentication server.
Scope	The scope of the access request. The access token issued to the application will be limited to the scopes granted.
Select Project	Select the Project from drop-down list of Select Project.

Expand Other Settings to view the advanced properties of OAuth Profile.

Field Name	Description
Access Token Request Query Parameters	Enter the Access Token Request Query Parameter. The parameters (other than standard OAuth parameters) to be sent into the access token requests. Specify the comma separated list of key value pairs. Ex. param1=value1, param2=value2.
Access Token Retrieval Method	The HTTP method to use to retrieve access token.
Send Client Credentials in Token Request as	The way the client Id and client secret is to be sent into access token request.
Access Token Key Name in Token Response	The key name to use while extracting access token from token response.
Token Response Body Parameters to be fetched	The extra parameters to be captured from token response.
Token Response Query Parameters to be fetched	The extra parameters to be captured from token response query parameters.
Send Access Token as	Specify how the access token is to be sent into requests. The tokens can be sent as header or query param.
Access Token Key Name in API request	The Token Key Name to be sent into API requests. For ex: the value AUTH_TOKEN will be sent as AUTH_TOKEN: Bearer XXXXXXXX (in case of Header param). Or AUTH_TOKEN=XXXXXXXX (in case of Query param).
Access Token Type in API request	The token Type to be sent into API requests. For ex: the value Bearer will be sent as: Authorization: Bearer XXXXXXXX.

Click Save.

Once OAuth Profile is created, you can now create OAuth Account to generate Access Token.

Follow the steps below to create OAuth Account:

Click Configure > ACCOUNTS > OAuth.
Click CREATE OAuth account.
On the Create OAuth Account window, provide the name of the OAuth Account in the Provide a name for this OAuth account field.
Select the OAuth Profile that you have created from the drop-down list of Select OAuth Profile to use for this account field.

Or, you can also create a new OAuth Profile by clicking .
Select the Project from drop-down list of Select Project.
Click Get Access Token and Save.
This creates your OAuth Account in Adeptia Connect.

Browser not supported