My Oracle Support Banner

How To Make An Oracle API Gateway Policy Validate Client's Certificate? (Doc ID 1914738.1)

Last updated on OCTOBER 07, 2022

Applies to:

Oracle API Gateway - Version and later
Information in this document applies to any platform.


Using the SSL filter in a policy to allow for the validation of the user based on the client certificate passed by the request.

In order to use this filter, it is necessary to create a user and add the user to a group to be used by the Check Group Membership filter when the user request comes to OAG policy.  OAG checks if the user is in the group and will return error if the user is not in the group specified.

There is a further requirement to check the certificate against the OAG certificate store to ensure it is trusted.  The OAG policy in this case should not just compare the user name and ignore the user certificate comparison.
What filters are required to perform this task in an OAG policy?


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.