Hello All,
I’m trying to figure if Tyk fits in with our current infrastructure.
Didn’t find in the documentation if TIB supports authorization with an external service using the Client Credentials Flow of the OAuth2 standard, there is only mention of OpenID Connect.
In the case of ClientCredentials there is no user information that OpenID Connect can provide.
We would like to give 3rd party access to our customers and assign them a client_id and client_secret in our Authorization Server - how would this relate/couple to the Identity Management in Tyk Gateway?
Using JWT is ok, as an alternative you can use simple tokens as I mentioned above, and on step 2) before user receive his access_token, you call can call Tyk API to create a token with exactly same id as access_token from your oauth server, so the user can transparently pass it to Tyk gateway, even without knowing that auth and gateway itself are separate systems.
I didn’t get what you mean by your step 2. How I can create a token with the same id for Tyk using the Tyk Key API (//tyk.io/docs/tyk-apis/tyk-dashboard-api/api-keys/)? I didn’t saw any related parameter on the API documentation. Can you detail more this step?
How we can create a Tyk API Key as a OAuth access_token?
@leon
Hello Ieon:
We have used the tyk gateway achieved that in a POC. For Oauth2.0 API. use the social of github provider to get Access token,Successful access to the API
Next, we expect to implement a provider of our own, like github(have login function,Authenticate user, provide scope).
Please provide guidance, what functions to implement in order to achieve Oauth2.0 with the purpose of generating Access token with TIB !
I am looking forward to you reply, thank you.
If we talking about option 1, it basically means avoiding using TIB at all, and embedding some small application logic part directly to your App, to integrate with Tyk.