Skip to content
Branch: master
Find file History
Don Fong
Latest commit a81bf80 Sep 15, 2016
Type Name Latest commit message Commit time
Failed to load latest commit information.
apiproxy remove redundant http: prefix in oauth-verify-accessotken/apiproxy/ta… Sep 15, 2016 changed title May 17, 2016 Add sample bundle for OAuth20 Verify AccessToken flow to access a pro… Feb 27, 2013 remmove weather May 17, 2016

Verify an OAuth2 token

This sample API proxy shows how an OAuth 2.0 access token is used to access a resource protected by OAuth policies. The API Proxy validates incoming requests using the access token, and reads Quota settings from an API Product to rate-limit client apps.

The API proxy contains the following policies:

  1. OAuth 2.0: Validates the access token for the request URL, and looks up attributes from the API Product associated with the client app
  2. Quota: Enforces a limit on the number of API calls, based on the values set in the API product


As, this flow involves generation of access token before requesting the protected resource, the script will guide you through the generation of access token flow. Simply follow prompts.

Set up

  • The username and password that you use to login to
  • The name of the organization in which you have an account. Login to and check account settings.


  1. Update /setup/ with your account settings

  2. Configure API products, developers, and apps in your organization by running the following script:

  3. Run ../setup/provisioning/

Import and deploy sample project

To deploy, run $ sh

To test, run $ sh

Get help

For assistance, please use Apigee Support.

Copyright © 2016 Apigee Corporation

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

You can’t perform that action at this time.