Authentication Type: OAuth
Base URL: All of your connections will use this base URL. It can include a path, for example https://dev.test.com/restserver. This is the starting point for all of your connections.
When you have a self-signed certificate or a certificate generated from a certificate authority that is not commonly trusted:
Certificate Bundle Filename: The full path to the certificate bundle file or the folder containing the certificates from trusted certificate authorities.
Certificate Filename: The full path to the file containing the certificate and its private key to verify the certificate used in the connection. The private key MUST be unencrypted, as encrypted private keys aren't supported.
Client ID and Client Secret: These are used to request a bearer token from the OAuth provider. The bearer token is used to authenticate every request to the configured URL.
OAuth Authorization URL: The URL that will be used to request a bearer token from the OAuth provider, for example https://dev.provider.com/oauth2/default/v1/token.
OAuth Scopes: A comma-separated list of scopes that need to be included in the request for the bearer token.
By default, Apigee has some non-RFC-compliant properties in their token response, which we don't support. Refer to their non-RFC-compliant page (https://docs.apigee.com/api-platform/reference/policies/oauthv2-policy#non-rfc-compliant-behavior) for information on their non-compliance. Apigee provide an OAuth proxy example that corrects their non-compliant behavior, the example is found here: https://github.com/kurtkanaskie/oauth-compliant.