We implemented OAuth2.0 using API Connect 5.x. The OAuth2.0 APIs are deployed in two DataPower gateway servers. The two datapower server is load balanced with f5.
Success Scenario:
1. The authorize request goes to DataPower1
2. The Token request foes to DataPower 1
3. Successfully generated Access Token
Failure Scenario:
1. The authorize request goes to DataPower 1
2. The Token request foes to DataPower 2
3. Access token is NOT generated and log shows “Failed to verify oauth request signature”.
4. DataPower2, is not able to decrypt the Access Code generated by DataPower1.
Following fix also not working:
• Enable Quote Enforcement server
• Configure DataPower1 as master
• Configure DataPower2 as slave
• The meta data is no shared between the two DP servers.
• We did not enable Revocation yet.
Does API Connect oauth2.0 works if we have two DataPower gateway server?