A common requirement for DataPower services is to authenticate the sender of a message, and authorize that sender to request the message’s behavior. The AAA action within DataPower provides the basics of the â€œauthenticate, authorize, and auditâ€ support.
OAuth is an authorization framework that defines a way for a client application to access server resources on behalf of another party. It provides a way for the user to authorize a third party to their server resources without sharing their credentials. DataPower supports OAuth specifications and protocols, and can provide an OAuth web token service.
OpenID Connect (OIDC) is an authentication layer that runs on top of an OAuth 2.0 authorization framework. DataPower can operate as an OIDC client.
In this course, you learn how to use the configuration options and processing actions to add the AAA support to a service, implement an OAuth 2.0 scenario, and add OIDC support.
Hands-on exercises give you experience working directly with an IBM DataPower gateway. The exercises focus on skills such as configuring a AAA action, configuring a web token service, and creating an OIDC client.
This course is designed for integration developers who configure service policies on IBM DataPower Gateways.
Before taking this course, you should successfully complete course Essentials of Service Development for IBM DataPower Gateway V7.5 (WE751G) or Essentials of Service Development for IBM DataPower Gateway V7.5 (ZE751G). You should also be familiar with AAA, OAuth 2.0, and OIDC concepts.