OAuth Toolkit
Add OAuth & OpenID Connect to Your APIs
The Layer 7 OAuth Toolkit is a complete OAuth implementation that empowers you to control access to your APIs. It is comprised of:
- An OAuth authorization server supporting various types of OAuth handshake with API-consuming applications
- An OAuth resource server in the form of an API Gateway protecting access to your APIs at runtime
- A token management system, which can be deployed in a distributed architecture
The authorization server and resource server can integrate with existing identity infrastructure (LDAP, MS AD, CA SiteMinder, Oracle Access Manager, RSA Access Manager, Tivoli Access Manager, Ping) as well other OAuth-capable components.
The OAuth Toolkit supports the OAuth 1.0, 1.0a and 2.0 standards as well as extension grant types such as SAML bearer tokens and JWT (JSON Web Token) bearer tokens. Optional HMAC or RSA signatures, configurable TTL and customizable policy flows are supported for maximum interoperability.
Layer 7 also provides an OpenID Connect implementation built on top of the OAuth Toolkit, which can be used to extend an existing identity directory into a state-of-the-art federated identity provider.
Video: OAuth Toolkit Demo
Webinar: A Practical Guide to API Security & OAuth for the Enterprise featuring Forrester Research, Inc.
Extensible Policies
Policies can be customized to meet the unique requirements of specific OAuth implementations and can easily be upgraded for the latest versions of the OAuth specification
Deployment Flexibility
Layer 7’s OAuth functionality can be implemented in-line for downstream token translation and mapping or as an end-point service
Standards Support
As a co-author of popular specifications like WS-Trust and WS-Federation, Layer 7 is committed to standards-based implementation
The Layer 7 OAuth Toolkit supports:
|
|
