Authentication server

Infor has built an OAuth 2.0 authentication server that API Gateway uses to validate the OAuth 2.0 bearer token that is passed as part of the request.

If the token is valid, then the Tenant and Identity2 GUID (unique user identifier) are saved into the gateway’s request context. If the token is missing or not valid, the gateway immediately returns a 401 unauthorized error to end the request.