Enabling OAuth secures the Address Manager API through the use of access tokens issued by the authorization server. An access token represents the authorization of an API client to access the Address Manager API. Once you enable OAuth in Address Manager, you must also enable OAuth on the API client. For example, if you are using BlueCat Gateway, you must update its workflows and endpoints to use OAuth for access to the Address Manager API. Automated scripts must also be updated to use OAuth.
Before you Begin
To enable OAuth, you need the following:
- Address Manager v9.2.0 or greater
- Open port 443 in Address Manager and the authorization server
- Address Manager can reach the authorization server, whether it is hosted on premises or in the cloud
- Register Address Manager as a resource server in the authorization server
- Register Address Manager as a client in the authorization server (OneLogin only)
What Address Manager needs from your Authorization Server
To enable OAuth authorization, you need the following from your authorization server:
- user claim name
- group claim name
- email claim name
- client ID
- client secret
- introspection endpoint
OR
- XML file or URL to obtain the signing certificate. For more information, refer to the following:
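Added example (not BlueCat code, and not part of the original page): a pre-flight check for the introspection option in the list above. It builds a standard RFC 7662 introspection request from the client ID, client secret and introspection endpoint, then confirms that a response carries the user, group and email claims under the names you plan to enter. The endpoint URL, the claim names, the sample response and the use of HTTP Basic client authentication are assumptions; use whatever your authorization server actually requires.

```python
import base64
import json
import urllib.parse
import urllib.request


def build_introspection_request(endpoint, client_id, client_secret, token):
    """Build (but do not send) an RFC 7662 token introspection POST."""
    # The prerequisites call for port 443, so refuse a cleartext endpoint.
    if urllib.parse.urlsplit(endpoint).scheme != "https":
        raise ValueError("introspection endpoint must use https")
    body = urllib.parse.urlencode(
        {"token": token, "token_type_hint": "access_token"}).encode()
    # Assumption: the server accepts HTTP Basic client authentication.
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    return urllib.request.Request(endpoint, data=body, method="POST", headers={
        "Authorization": f"Basic {basic}",
        "Content-Type": "application/x-www-form-urlencoded",
        "Accept": "application/json",
    })


def check_claims(response_json, user_claim, group_claim, email_claim):
    """Return (ok, problems) for an introspection response body."""
    data = json.loads(response_json)
    # RFC 7662: "active" is the only required member; anything but true fails.
    if data.get("active") is not True:
        return False, ["token is not active"]
    problems = []
    wanted = (("user", user_claim), ("group", group_claim), ("email", email_claim))
    for label, name in wanted:
        if data.get(name) in (None, "", []):
            problems.append(f"{label} claim '{name}' missing or empty")
    return not problems, problems


# Constructed sample response; the claim names are hypothetical.
SAMPLE_RESPONSE = json.dumps({
    "active": True, "preferred_username": "jdoe",
    "groups": ["ipam-admins"], "email": "jdoe@example.test",
})

if __name__ == "__main__":
    req = build_introspection_request(
        "https://idp.example.test/oauth2/introspect",  # placeholder endpoint
        "address-manager", "placeholder-secret", "placeholder-token")
    print(req.get_method(), req.full_url)
    # To query a real server: urllib.request.urlopen(req).read().decode()
    print(check_claims(SAMPLE_RESPONSE, "preferred_username", "groups", "email"))
```

A claim name reported as missing here means the value planned for Address Manager does not match what the authorization server emits for that token.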