Enabling OAuth secures the Address Manager API through the use of access tokens issued by the authorization server. An access token represents the authorization of an API client to access the Address Manager API. Once you enable OAuth in Address Manager, you must also enable OAuth on the API client. For example, if you are using BlueCat Gateway, you must update its workflows and endpoints to use OAuth for access to the Address Manager API. Automated scripts must also be updated to use OAuth. For more information, refer to OAuth API Authorization in the Address Manager Administration Guide.
Read-only API sessions with OAuth
secondary_localscope value when retrieving the access token from the OAuth server. The
secondary_localscope ensures that the you are initiating a read-only session and must be set for tokens that will be used to send supported API requests to the Secondary Address Manager. The following example shows the body content of a read-only API session when retrieving the access token from the OAuth server:
client_id : <client id> client_secret: <client secret> grant_type: password username: <username> password: <password> scope: "openid profile email groups secondary_local"
For more information on read-only API sessions and a list of APIs that support read-only sessions, refer to Read-only API sessions.