OAuth is rapidly becoming the preferred authentication and authorization method for accessing Web-based resources via APIs. The OAuth Toolkit makes it simple to implement OAuth using the Layer 7 API Proxy or any other Layer 7 Gateway. Layer 7 Gateways support the OAuth 1.0a, OAuth WRAP and OAuth 2.0 specifications and can be used to simplify both two- and three-legged implementations for authorization servers and protected resource servers.
Layer 7 Gateways ship with a built-in Security Token Service (STS), which can issue and validate security tokens in a variety of formats and structures, depending on the requirements of the specific OAuth implementation. Security tokens generated by the Layer 7 STS can be used as OAuth access tokens, optionally with HMAC or RSA signature methods and SHA-1, SHA-256 or SHA-512 hashing.
Furthermore, because Layer 7 Gateways support SAML, they can be used to enable Web browser Single Sign-On (SSO) capabilities for federating identities between on-premises systems and cloud-based services. The OAuth Toolkit makes it simple to use a SAML assertion generated by the SecureSpan API Proxy or other Layer 7 Gateway as an OAuth authorization grant to obtain an access token.
Policies can be customized to meet the unique requirements of specific OAuth implementations and can easily be upgraded for the latest versions of the OAuth specification.
Layer 7's OAuth functionality can be implemented in-line for downstream token translation and mapping or as an endpoint service.
As a co-author of popular specifications like WS-Trust and WS-Federation, Layer 7 is committed to standards-based implementation.
The Layer 7 OAuth Toolkit supports: