Add OAuth 2.0 as a proxy authentication
Currently Proxy Authentication supports HTTP Basic and Client Certificates. In an effort to make a unified OAuth 2.0 Gateway, we have some services using other OAuth 2.0 providers for the security in the backend and would like to use something like Client Credentials flow or the On Behalf Of flow to call the existing service keeping the front with only one OAuth implementation.
Thank you, Anthony. Please see if this example provides a suitable workaround in the meantime – https://github.com/Azure/api-management-policy-snippets/blob/master/Snippets/Get%20OAuth2%20access%20token%20from%20AAD%20and%20forward%20it%20to%20the%20backend.policy.xml
Dillon Redding commented
Anthony Lofton commented
This looks like it may work, however is there a way to cache the token until it expires since it will not be changing? Having to hit the Authorization endpoint every request may cause issues on an API that is used frequently.
Maqsood Ali commented
Should also support OpenID-Connect