The OAuth interceptor verifies if the header, client ID and access token are present in the request and if the client ID and the access token are valid. Otherwise, an exception is triggered.

The checkboxes on the interceptor settings indicate the methods by which access tokens are obtained for the given API (the grant types). More than one grant type may be selected. ] Also, the interceptor can only be added in the request flow.

The grant type is verified only when you create the token, not when you use it. Once created, the token remains valid until it expires or is revoked. Changing the grant types that are accepted for the generation of new tokens does not affect the validity of already existing ones.
If your API returns the status code 401 Unauthorized when using this interceptor, the token may be invalid. See more details on this page of our FAQs.
Thanks for your feedback!

Share your suggestions with us!
Click here and then [+ Submit idea]