AAA OAuth and OIDC in IBM DataPower V7.5

Duration: 
1 days
Codes: 
AAA,IBM,OIDC,SPVC,WE753G,WE753GAU,WE753GNZ,ZE753GS,ZE753GSAU,ZE753GSNZ,INTERMEDIATE
Versions: 
V7.5

Overview

This course teaches you the developer skills that are required to configure and implement authentication and authorization support within your IBM DataPower Gateway V7.5 services.

A common requirement for DataPower services is to authenticate the sender of a message, and authorize that sender to request the message's behavior. The AAA action within DataPower provides the basics of the “authenticate, authorize, and audit” support.

OAuth is an authorization framework that defines a way for a client application to access server resources on behalf of another party. It provides a way for the user to authorize a third party to their server resources without sharing their credentials. DataPower supports OAuth specifications and protocols, and can provide an OAuth web token service.

OpenID Connect (OIDC) is an authentication layer that runs on top of an OAuth 2.0 authorization framework. DataPower can operate as an OIDC client.

In this course, you learn how to use the configuration options and processing actions to add the AAA support to a service, implement an OAuth 2.0 scenario, and add OIDC support.

Hands-on exercises give you experience working directly with an IBM DataPower gateway. The exercises focus on skills such as configuring a AAA action, configuring a web token service, and creating an OIDC client.

Audience

This course is designed for integration developers who configure service policies on IBM DataPower Gateways.

Skills Gained

  • Describe the AAA framework within the IBM DataPower Gateway
  • Explain the purpose of each step in an access control policy
  • Configure a AAA action to enforce authentication and authorization policies that are in a AAA information file and in an LDAP server
  • Describe the OAuth 2.0 framework
  • Explain the role that a DataPower gateway performs in an OAuth 2.0 framework
  • Configure the DataPower objects that are used for OAuth 2.0 interactions
  • Define Social Login
  • Describe how to configure Social Login in DataPower
  • Configure an OIDC client

Prerequisites

Before taking this course, you should successfully complete course Essentials of Service Development for IBM DataPower Gateway V7.5 (WE751G) or Essentials of Service Development for IBM DataPower Gateway V7.5 (ZE751G). You should also be familiar with AAA, OAuth 2.0, and OIDC concepts.

Course Outline

  • Course introduction
  • Authentication, authorization, and auditing (AAA)
  • Exercise: Configuring authentication and authorization in a service
  • OAuth overview and DataPower implementation
  • Exercise: Defining a three-legged OAuth scenario that uses DataPower services
  • Social Login support in DataPower
  • Exercise: Implementing an OIDC client
  • Course summary

Thinking about Onsite?

If you need training for 3 or more people, you should ask us about onsite training. Putting aside the obvious location benefit, content can be customised to better meet your business objectives and more can be covered than in a public classroom. It's a cost effective option.

Submit an enquiry from any page on this site, and let us know you are interested in the requirements box, or simply mention it when we contact you.

Upcoming Dates

  • GREEN This class is Guaranteed To Run.
  • SPVC - Self-Paced Virtual Class.
  • Click a Date to Enroll.
Course Location Days Cost Date
Onsite
Onsite1 500 £500 2019-03-22