Integrating with Zuplo
On this page
Overview
The Zuplo API Gateway is highly configurable and extendable. A policy that allows for the Phantom Token to be configured is provided by Zuplo out-of-the-box.
This article describes the Introspection and Phantom Tokens process in more detail.
Prerequisites
- An installation of the Curity Identity Server
- An introspection endpoint configured with the Token Procedure Approach
If you do not have an installation of the Curity Identity Server, follow this tutorial installation of the Curity Identity Server and configure the installation by running Curity Basic Setup Wizard as outlined in this tutorial Curity Basic Setup Wizard.
Configure Zuplo
The Zuplo documentation details how to configure the Zuplo API Gateway with the Curity Phantom Token Auth.
| Environment Variable | Description | Example | Required for integration |
|---|---|---|---|
INTROSPECTION_URL | The URL used by Zuplo to introspect the opaque access token. | https://idsvr.example.com/oauth/v2/oauth-introspect | Yes |
CLIENT_ID | ID of the client used for introspection. | gateway-client | Yes |
CLIENT_SECRET | Secret of the client used for introspection. | Pa$$word1! | Yes |
Resources
- Zuplo documentation for Curity Phantom Token Auth policy
- Information on the Introspection and Phantom Tokens flow
- Installing the Curity Identity Server
- Details on the Curity Basic Setup Wizard
Join our Newsletter
Get the latest on identity management, API Security and authentication straight to your inbox.
Start Free Trial
Try the Curity Identity Server for Free. Get up and running in 10 minutes.
Start Free Trial
