Test the new security

  1. Execute the following cURL command to test this provider. Here, you use the catalog endpoint and automatic subscription information that you collected earlier.
    curl -v -k https://{api_endpoint}/sb/oauther/oauth2/token -d "grant_type=password&scope=weather&username=username&password=password&client_id={automatic_client}
    For example, here is the command with sample values: curl -v -k https://api.us.apiconnect.ibmcloud.com/myorg-myspace/sb/oauther/oauth2/token -d "grant_type=password&scope=weather&username=username&password=password&client_id=0ee69658-d17b-4f7b-9b84-6d9870b39ebe"
    The OAuth provider returns a token.
  2. Using cURL, obtain a token once again. Save the token in some way so that you can copy it. Note that tokens expire in a few minutes.
  3. Copy the token for use in the next invocation to the Climbing Weather API.
  4. Execute a cURL command to obtain a weather report from the Climbing Weather API by using the OAuth token. The command takes the following form:
    curl -v -k https://api.us.apiconnect.ibmcloud.com/{org-name)(space-name)/sb/weather/forecast?zip=01742 -H "X-IBM-Client-Id:" -H "X-IBM-Client-Secret:" -H "Authorization:Bearer "
    Here is a sample:

Your API is now protected using the OAuth 2.0 protocol.