Kyma Environment Broker endpoints are secured by OAuth2 authorization. It is configured in the authorization-policy file.
To access the KEB Open Service Broker (OSB) endpoints, use the /oauth prefix before OSB API paths. For example:
/oauth/{region}/v2/catalogYou must also specify the Authorization: Bearer request header:
Authorization: Bearer {ACCESS_TOKEN}Follow these steps to obtain a new access token:
export CLIENT_ID={CLIENT_ID}
export CLIENT_SECRET={CLIENT_SECRET}
export TOKEN_URL={TOKEN_URL}
export ENCODED_CREDENTIALS=$(echo -n "$CLIENT_ID:$CLIENT_SECRET" | base64)
curl -ik -X POST $TOKEN_URL -H "Authorization: Basic $ENCODED_CREDENTIALS" --data "grant_type=client_credentials" --data "scope=broker:write"