
Generate an OAuth token using LDAP

The configuration below takes a request that is posted to TIB and authenticates it against LDAP. If the request is valid, TIB redirects to the Tyk Gateway OAuth client's Redirect URI with the token as a URL fragment:

    {
        "ActionType": "GenerateOAuthTokenForClient",
        "ID": "6",
        "IdentityHandlerConfig": {
            "DashboardCredential": "{DASHBOARD-API-ID}",
            "DisableOneTokenPerAPI": false,
            "OAuth": {
                "APIListenPath": "{API-LISTEN-PATH}",
                "BaseAPIID": "{BASE-API-ID}",
                "ClientId": "{TYK-OAUTH-CLIENT-ID}",
                "RedirectURI": "http://{APP-DOMAIN}:{PORT}/{AUTH-SUCCESS-PATH}",
                "ResponseType": "token",
                "Secret": "{TYK-OAUTH-CLIENT-SECRET}"
            }
        },
        "MatchedPolicyID": "POLICY-ID",
        "OrgID": "53ac07777cbb8c2d53000002",
        "ProviderConfig": {
            "FailureRedirect": "http://{APP-DOMAIN}:{PORT}/failure",
            "LDAPAttributes": [],
            "LDAPPort": "389",
            "LDAPServer": "localhost",
            "LDAPUserDN": "cn=*USERNAME*,cn=dashboard,ou=Group,dc=ldap,dc=tyk-ldap-test,dc=com"
        },
        "ProviderName": "ADProvider",
        "ReturnURL": "",
        "Type": "passthrough"
    }

This configuration is useful for internal APIs that require valid OAuth tokens (e.g. a web app or mobile app) but need validation by an LDAP provider.
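The page served at `{AUTH-SUCCESS-PATH}` has to read the token out of the URL fragment that the redirect carries. The following is an added example, not Tyk's own code: the function names and the sample URL are hypothetical, and it assumes the fragment fields follow the OAuth 2.0 implicit grant naming (`access_token`, `token_type`, `expires_in`, RFC 6749 section 4.2.2).

```javascript
// Added example: handle the redirect that carries the token as a URL fragment.
// Assumption: fragment fields are named as in RFC 6749 section 4.2.2.
function parseTokenFragment(href, expectedOrigin, expectedPath) {
  const url = new URL(href);
  // Accept the token only on the exact origin and path registered as RedirectURI.
  if (url.origin !== expectedOrigin || url.pathname !== expectedPath) {
    return { ok: false, reason: "unexpected redirect target" };
  }
  // A token in the query string would have been sent to the server and logged.
  if (url.searchParams.has("access_token")) {
    return { ok: false, reason: "token in query string" };
  }
  const params = new URLSearchParams(url.hash.replace(/^#/, ""));
  const tokens = params.getAll("access_token");
  // Reject an empty or repeated parameter instead of picking one silently.
  if (tokens.length !== 1 || tokens[0] === "") {
    return { ok: false, reason: "missing or duplicated access_token" };
  }
  const expiresIn = Number(params.get("expires_in"));
  return {
    ok: true,
    accessToken: tokens[0],
    tokenType: params.get("token_type"), // null when the field is absent
    expiresIn: Number.isFinite(expiresIn) && expiresIn > 0 ? expiresIn : null,
  };
}

// Browser side: read the fragment once, then drop it from the address bar and
// history entry so the token is not bookmarked, shared or left in the URL.
function consumeTokenFromLocation(win, expectedOrigin, expectedPath) {
  const result = parseTokenFragment(win.location.href, expectedOrigin, expectedPath);
  win.history.replaceState(null, "", win.location.pathname + win.location.search);
  return result;
}

// Constructed sample redirect (not real output from TIB or the Tyk Gateway).
const SAMPLE_REDIRECT =
  "http://app.example.test:8080/auth/success" +
  "#access_token=constructed-token-123&token_type=bearer&expires_in=3600";

console.log(
  parseTokenFragment(SAMPLE_REDIRECT, "http://app.example.test:8080", "/auth/success")
);
```

The sample configuration uses `http://` for `RedirectURI`; serving that page over HTTPS keeps the script that handles the token from being modified in transit.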
