Authorize access using Google OAuth token
This article shows an Azure API management policy sample that demonstrates how to authorize access to your endpoints using Google as an OAuth token provider. To set or edit a policy code, follow the steps described in Set or edit a policy. To see other examples, see policy samples.
Policy
Paste the code into the inbound block.
<!-- The policy defined in this file shows how to authorize access to your endpoints using Google as an OAuth token provider. -->
<!-- Copy the following snippet into the inbound section. -->
<policies>
<inbound>
<base />
<!-- Note the clock-skew attribute. This attribute is required to prevent some intermittent errors and can be tailored to suit your scenario. -->
<validate-jwt header-name="Authorization" failed-validation-httpcode="401" clock-skew="120" failed-validation-error-message="Unauthorized. Access token is missing or invalid.">
<openid-config url="https://accounts.google.com/.well-known/openid-configuration" />
<!-- Without the following section, only https://accounts.google.com is allowed. However the .net google client library often returns an issue related to accounts.google.com -->
<!-- Having both issuers ensures all usage scenarios work. -->
<issuers>
<issuer>accounts.google.com</issuer>
<issuer>https://accounts.google.com</issuer>
</issuers>
</validate-jwt>
</inbound>
<backend>
<base />
</backend>
<outbound>
<base />
</outbound>
<on-error>
<base />
</on-error>
</policies>
Next steps
Learn more about APIM policies:
Povratne informacije
Pošalјite i prikažite povratne informacije za