Can we ask the developer to provide clientId and secret for Oauth2 client credentials at the time of the API call

kartik mittal 1 Reputation point
2022-06-28T09:05:43.457+00:00

we want to give access to the client IDs and secrets at the time of the API call which will be added by the end-user for the oauth2 client credentials call.

Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
1,100 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Aisha Ikram 91 Reputation points
    2022-06-30T17:02:33.243+00:00

    Yes for OAuth Client Credential Grant which is setup for that API, you would need client id and secret to get Token from Authorization Server (AD) which will be passed for that API to work

    No comments

  2. JananiRamesh-MSFT 9,301 Reputation points Microsoft Employee
    2022-07-13T17:11:26.91+00:00

    Hi @kartik mittal Thanks for reaching out. From the description I understand that you wanted to give access to client id and client secret at the time of API call. No this is not possible by using client id and secret you would be able to fetch the token using client credential flow and the token will be passed as a header while calling an API.

    Please let me know incase of further queries, I would be happy to assist you.

    No comments