Enabling OAuth secures the Address Manager Legacy v1 API through the use of access tokens issued by the authorization server. An access token represents the authorization of an API client to access the Legacy v1 Address Manager API. Once you enable OAuth in Address Manager, you must also enable OAuth on the API client. For example, if you are using BlueCat Gateway, you must update its workflows and endpoints to use OAuth for access to the Legacy v1 Address Manager API. Automated scripts must also be updated to use OAuth. For more information, refer to OAuth API Authorization in the Address Manager Administration Guide.
Read-only Legacy v1 API sessions with OAuth
secondary_local
scope value when retrieving the access token
from the OAuth server. The secondary_local
scope ensures that the
you are initiating a read-only session and must be set for tokens that will be used
to send supported API requests to the Secondary Address Manager. The following
example shows the body content of a read-only API session when retrieving the access
token from the OAuth
server:client_id : <client id>
client_secret: <client secret>
grant_type: password
username: <username>
password: <password>
scope: "openid profile email groups secondary_local"
For more information on read-only API sessions and a list of APIs that support read-only sessions, refer to Read-only Legacy v1 API sessions.