OAuthV2-GenerateAccessToken-PG.xml

<OAuthV2 name='OAuthV2-GenerateAccessToken-PG'>
  <!-- created at 2016-03-26T02:43:06+0000 -->
  <Operation>GenerateAccessToken</Operation>
  <!--
      ExpiresIn, in milliseconds. The ref is optional. The explicitly specified
      value is the default, when the variable reference cannot be resolved.
      1800000 = 30 minutes
      2400000 = 40 minutes
      3600000 = 60 minutes
  -->
  <ExpiresIn ref='flow.variable'>1800000</ExpiresIn>

  <!--
      RefreshTokenExpiresIn, in milliseconds. Optional; if it is not
      specified, the default value will be used which is -1 (no expiration).
      1800000 = 30 minutes
      28800000 = 8 hours
      691200000 = 8 days
      2592000000 = 30 days
  -->
  <RefreshTokenExpiresIn>28800000</RefreshTokenExpiresIn>

  <SupportedGrantTypes>
    <!--
        for a password grant type, the client_id and client_secret must be
        passed in , in the Basic Auth header, as per the
        specification.
    -->
    <GrantType>password</GrantType>
  </SupportedGrantTypes>

  <!-- variable that specifies the requested grant type -->
  <GrantType>request.formparam.grant_type</GrantType>

  <!-- variable that specifies the scopes to use. -->
  <!-- Note: make sure that the API product has the scopes configured properly. -->
  <Scope>user_scopes</Scope>

  <!--
      Optional: these attributes get associated to the token.
      They will be available to the API proxy whenever the token is
      subsequently validated.
  -->
  <Attributes>
    <Attribute name='authenticated_user'
               ref='request.formparam.username'
               display='true'>UNDEFINED</Attribute>
    <Attribute name='grant_type'
               ref='request.formparam.grant_type'
               display='true'>UNDEFINED</Attribute>
    <Attribute name='user_roles'
               ref='user_roles'
               display='true'>[]</Attribute>
    <!--
    <Attribute name='note-to-joel'
               display='true'>You can attach custom attributes, like this one, to the token</Attribute>
    <Attribute name='note-to-joel-2'
    display='true'>You can also remove some of the properties sent back in the token response, if you like</Attribute>
    -->
  </Attributes>

  <GenerateResponse enabled='true'/>
  <!--

      If you include GenerateResponse and have enabled='true', then
      the response is sent directly to the caller. The payload looks like
      this:

      {
        "issued_at": "1420262924658",
        "scope": "READ",
        "application_name": "ce1e94a2-9c3e-42fa-a2c6-1ee01815476b",
        "refresh_token_issued_at": "1420262924658",
        "status": "approved",
        "refresh_token_status": "approved",
        "api_product_list": "[PremiumWeatherAPI]",
        "expires_in": "1799",
        "developer.email": "[email protected]",
        "organization_id": "0",
        "token_type": "BearerToken",
        "refresh_token": "fYACGW7OCPtCNDEnRSnqFlEgogboFPMm",
        "client_id": "5jUAdGv9pBouF0wOH5keAVI35GBtx3dT",
        "access_token": "2l4IQtZXbn5WBJdL6EF7uenOWRsi",
        "organization_name": "docs",
        "refresh_token_expires_in": "0",
        "refresh_count": "0"
      }

      If you omit GenerateResponse or have enabled='false', then
      these flow variables are set on success:

      oauthv2accesstoken.OAuthV2-GenerateAccessToken-PG.access_token
      oauthv2accesstoken.OAuthV2-GenerateAccessToken-PG.token_type
      oauthv2accesstoken.OAuthV2-GenerateAccessToken-PG.expires_in
      oauthv2accesstoken.OAuthV2-GenerateAccessToken-PG.refresh_token
      oauthv2accesstoken.OAuthV2-GenerateAccessToken-PG.refresh_token_expires_in
      oauthv2accesstoken.OAuthV2-GenerateAccessToken-PG.refresh_token_issued_at
      oauthv2accesstoken.OAuthV2-GenerateAccessToken-PG.refresh_token_status
  -->

</OAuthV2>