OAuth 2.0 and Custom tokens API?

Support Setting up Tyk
1

Imported Google Group message. Original thread at: Redirecting to Google Groups Import Date: 2016-01-19 21:37:03 +0000.
Sender:Michael Sheldon.
Date:Friday, 18 December 2015 21:18:28 UTC.

We are trying to use the OAuth Flow Option 1 as described here: https://tyk.io/v1.9/access-control/oauth2/ which I believe includes the use of the REST API to create “Custom tokens” as described here: https://tyk.io/v1.9/access-control/access-keys/#custom-tokens:8a3b4b78ab5ccd36f43104b4d02eae46.

My question is, where in the REST API can I create custom tokens?

Here’s a little detail on what we’re trying to do:
We are using ThinkTecture Identity Service as our ID Gateway and currently use it to get OIDC (OAuth) Access tokens
We would like to use Tyk as our API gateway to gain “access control, quotas and rate limiting”
Thanks for your help!

2

Imported Google Group message.
Sender:Martin Buhr.
Date:Friday, 18 December 2015 21:36:48 UTC.

Hi Michael,
You can add keys using a post to a non existent key ID like this:
https://tyk.io/v1.9/rest-api/api-key-management/#add-update-keys:62eb43c854cb923da811a9fa4c845be3
These aren’t OAuth tokens obviously, you are just registering a key with Tyk and some access rules + expiry, Tyk will then evaluate that key on inbound requests.
One caveat is that the standard OAuth Authorization header might not work because of the Bearer component of the field value, if you exclude that keyword and just add the key to the auth header it should work fine.
Naturally, with flow 1. You don’t get refresh tokens or any of that jazz as that’s been delegated to another provider.
hope that helps :slight_smile:
Cheers,
Martin

3