To make an OAuth authorization decision, Tivoli Federated Identity Manager requires specific information regarding the request. The required data includes the following:
WebSEAL uses the EAS plug-in to provide this required data and to use the OAuth functionality in Tivoli Federated Identity Manager. The EAS plug-in is installed with the Security Access Manager Web Security Runtime package.
To include OAuth decisions as part of the standard authorization on WebSEAL requests, you need to perform the following tasks:
This configuration ensures that the correct data is passed to the EAS for each request.