OAuth2 security with Google tokens provider


I would like to know if is posible integrate the Tyk API Gateway with Google oAuth2 provider. I need to securize my endpoints with Google oAuth tokens because my application use Google Apps users.


Yes you can, you will need to use the Tyk Identity Broker though.

So isn’t it possible to integrate Google for OAuth2 without Tyk Identity Broker?

If possible can you please guide me with the steps for accomplishing the same.

I am also confused with OAuth integration keywords like “auth_login_redirect”. Is it for the

{{ host/protected-endpoint }}

which I have created to which the control will come once Identity Provider gave the access token or is it some of the Identity provider specific url or anything else?

and also this part:

notifications: {
        shared_secret: "9878767657654343123434556564444",
        oauth_on_keychange_url: "http://posttestserver.com/post.php?dir=oauth_notifications"

Urgent help is highly appreciated.


I don’t think it’s possible. Even with Google as an OpenID connect provider, you may still need to do some introspection and I don’t know if you get a JWT bearer or a reference token. Tyk Identity Broker is the bridge that solves that issue.

I am also confused with OAuth integration keywords like “auth_login_redirect”

If you wish to use TIB, we have a doc about the process. For a quick review, you could check out TIB implementation with GitHub and OAuth 2.0. If you are using Tyk OSS, you would just need to call the OAuth Gateway APIs