The Layer 7 OAuth Toolkit is a complete OAuth implementation that empowers you to control access to your APIs. It is comprised of:
The authorization server and resource server can integrate with existing identity infrastructure (LDAP, MS AD, CA SiteMinder, Oracle Access Manager, RSA Access Manager, Tivoli Access Manager, Ping) as well other OAuth-capable components.
The OAuth Toolkit supports the OAuth 1.0, 1.0a and 2.0 standards as well as extension grant types such as SAML bearer tokens and JWT (JSON Web Token) bearer tokens. Optional HMAC or RSA signatures, configurable TTL and customizable policy flows are supported for maximum interoperability.
Layer 7 also provides an OpenID Connect implementation built on top of the OAuth Toolkit, which can be used to extend an existing identity directory into a state-of-the-art federated identity provider.
Video: OAuth Toolkit Demo
Webinar: A Practical Guide to API Security & OAuth for the Enterprise featuring Forrester Research, Inc.
Policies can be customized to meet the unique requirements of specific OAuth implementations and can easily be upgraded for the latest versions of the OAuth specification
Layer 7’s OAuth functionality can be implemented in-line for downstream token translation and mapping or as an end-point service
As a co-author of popular specifications like WS-Trust and WS-Federation, Layer 7 is committed to standards-based implementation
The Layer 7 OAuth Toolkit supports: