Manual Chapter : About OAuth Authorization
Applies To:Show Versions
- 15.0.1, 15.0.0
About OAuth Authorization
When Access Policy Manager (APM®) is configured to act as an OAuth authorization server, an OAuth Authorization agent must be present in the access policy.
The OAuth Authorization agent provides these elements and options.
- Prompt for Authorization
- Enabled- Displays the OAuth Authorization page. The page requests authorization for the client application to access a list of scopes and presents the options to allow or to deny access.
- Disabled- Does not display the OAuth Authorization page.
- Type the name of a subject claim (for JSON web tokens).
- Specifies the audiences for the claims (for JSON web tokens).
- Scope / Claim Assign
- Specifies the scopes or the claims for which authorization is requested. If no scopes or claims are specified here, the ones configured in APM for the client application are used.
- Customize the messages that display on the OAuth authorization page whenPrompt for Authorizationis set toEnabled:
- Language- Specifies the language in which you want to customize the fields for this OAuth Authorization agent page.You select languages in this section only for the purpose of customization. The language used in a policy is determined by the user's browser settings. The default language for a per-session policy is determined in the access profile and not in the policy.
- Authorize Message- Specifies the initial wording for the prompt.
- Scope Message- Specifies the wording that precedes the list of scopes that are specified in the Scope / Claim Assign area of this screen.
- Allow Message- Provides the label for the button that allows access.
- Deny Message- Provides the label for the button that denies access.