apigee

• https://cloud.google.com/apigee/docs/api-platform/get-started/what-apigee

Apigee provides an API proxy layer that sits between your backend services and internal or external clients that want to use your services.

An API proxy is an interface between incoming requests and backend services.

A target endpoint defines the way your API proxy interacts with your backend services.

A policy is an Apigee component that you can attach to different points in the message flow through your API proxies. Policies can transform message formats, enforce access control, call remote services, authorize users, examine message content for potential threats, and do much more.

OAuth2 client credentials

• https://cloud.google.com/apigee/docs/api-platform/tutorials/secure-calls-your-api-through-oauth-20-client-credentials

OAuth 2.0 token Security: Authorization Select: OAuth 2.0 Verify OAuth v2.0 Access Token To obtain an OAuth 2.0 access token, you need to create three Apigee entities: an API product, a developer, and a developer app. get the consumer key and consumer secret that will be exchanged for an OAuth 2.0 access token.

   1 # get access token 
   2 curl -X POST -H "Content-Type: application/x-www-form-urlencoded" \
   3 "https://YOUR ENV_GROUP_HOSTNAME/oauth/client_credential/accesstoken?grant_type=client_credentials" \
   4 -d "client_id=CLIENT_KEY&client_secret=CLIENT_SECRET"
   5 
   6 # call API proxy with access token 
   7 curl https://YOUR ENV_GROUP_HOSTNAME/hellooauth2 -H "Authorization: Bearer TOKEN"

To do its job as an OAuth2 authorization server, Apigee needs to expose endpoints where clients can request tokens and auth codes.