How do I check that an OAuth 2.0 client can connect to AM (All versions)?

Checking that an OAuth 2.0 client can connect

The following check validates the client credentials to prove that the client can connect to AM but does not create a session, this is done by simply validating the OAuth2 client and client secret. This method may be preferable to the alternative for testing, which involves generating an rest-api-oauth2-token-admin-endpoint › OAuth 2.0 Guide and then revoking it.

You can validate the client credentials using a REST call similar to this:$ curl -X POST -H "X-OpenAM-Username: myOAuth2Client" -H "X-OpenAM-Password: clientPassword" -H "Content-Type: application/json" -H "Accept-API-Version: resource=2.1" http://host1.example.com:8080/openam/json/realms/root/authenticate?realm=/&noSession=true&authIndexType=module&authIndexValue=Application

Responses:

• A successful response will look similar to this, where a session token is not created because of the noSession parameter: {"message":"Authentication Successful","successUrl":"/openam/console","realm":"/"
• Whereas an unsuccessful response is similar to this: {"code":401,"reason":"Unauthorized","message":"Authentication Failed"}

See Also

How do I check if AM (All versions) is up and running?

How do I check that an Agent (All versions) can connect to AM?

OAuth 2.0 in AM

OAuth 2.0 Guide

Related Training

N/A

Related Issue Tracker IDs

N/A