Forum Discussion
How to enable OAuth 2.0 Authentication?
Hi,
I am trying to route the data of a Web service having REST API : http://demo.akeneo.com/api/rest/v1/categories/master . I am using Azure API Management Service for this. I have created an Azure API management service and a Blank API for same. I have created a GET method for this. While testing this API I have I am facing an Error as follows:
HTTP/1.1 401 Unauthorized
cache-control: max-age=0, must-revalidate, no-store, private
content-security-policy: default-src 'self' *.akeneo.com 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'nonce-07f41c14e74157aff6fa6296dac0027c13e46705'; img-src 'self' data: ; frame-src * ; font-src 'self' data:
content-type: application/json
date: Tue, 12 May 2020 07:05:18 GMT
expires: Tue, 12 May 2020 07:05:18 GMT
ocp-apim-trace-location: https://apimst3v04xlapwxf3c99avt.blob.core.windows.net/apiinspectorcontainer/9kvUzyqpMfhQQii4nn7e49QLxiE1-16?sv=2018-03-28&sr=b&sig=e9ETEXuY0pbzxyM%2FLBsJiidcrVL%2BROf1FnZ9652IDfw%3D&se=2020-05-13T07%3A05%3A18Z&sp=r&traceId=ba521452333d475b95521351d7ac19f3
pragma: no-cache
transfer-encoding: chunked
vary: Origin
www-authenticate: Bearer realm="Service", error="access_denied", error_description="OAuth2 authentication required"
x-content-security-policy: default-src 'self' *.akeneo.com 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'nonce-07f41c14e74157aff6fa6296dac0027c13e46705'; img-src 'self' data: ; frame-src * ; font-src 'self' data:
x-frame-options: sameorigin
x-webkit-csp: default-src 'self' *.akeneo.com 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'nonce-07f41c14e74157aff6fa6296dac0027c13e46705'; img-src 'self' data: ; frame-src * ; font-src 'self' data:
{
"error": "access_denied",
"error_description": "OAuth2 authentication required"
}
When I change my Security to OAuth 2.0 it gives says No OAuth 2.0 servers were configured.
Please can anyone help with how to configure the OAuth 2.0 Servers. Also, is the method I am using to in Azure API management Service to GET the data of the REST API correct. If there is some other work around, please specify.