I have a M2M application X associated with an API Y.
When the client service applies for its access token to access API Y I would like to query an external API, through the Rules mechanism, and enrich/add information onto the access token so that this data is available to the API Y being accessed at the moment of decoding the token.
All examples seem to be geared towards Connection type of authentication where a User is present and has logged in. Event the Try with … section only allows to select connections and not M2M applications.
1 Like
Hi @gerardo.zenobi,
Welcome to the Community!
Rules run after authentication, which means they are user-centric, and not going to be applicable for M2M.
Instead, check out the client credentials hooks:
I think this should do what you are requesting. Please let me know if it doesn’t fit your needs and we can try something else.
Thanks,
Dan
2 Likes
I see, thanks for the rapid response 
Given the hook would be created for Client Credentials exchange, naturally this will only apply for M2M type of authentications correct ? Am I missing other scenarios where this flow might be used other than M2M ?
I would have to then create and duplicate the logic in a Rule for User/Connection based authentications (as I want this information enrichment to be applied in both uses cases) is that correct ?
Thanks,
Gerardo
1 Like
That is correct. CC exchange will not affect the user based flows.
Also correct!
1 Like
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.