> For the complete documentation index, see [llms.txt](https://docs.elimity.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.elimity.com/reference-manual/v3.44.2/server-configuration/oauth2-endpoint-parameters-for-gateway-authentication.md).

# OAuth2 endpoint parameters for gateway authentication

The v3.42.0 release added a new `GatewayOAuth2EndpointParams` configuration option to support customization of Elimity Insights' access token retrieval for gateway authentication. By default, assuming `EnableGatewayOAuth2` is `true`, Elimity Insights will perform a basic OAuth2 client credentials flow. The `GatewayOAuth2EndpointParams` configuration option allows inclusion of additional parameters in the access token request. It should be a record mapping parameter names to [Expr](https://expr-lang.org/) programs that result in the respective parameter's value.

As an example we'll explain how this feature allows us to provide out-of-the-box gateway authentication to our SaaS customers. As detailed in [our documentation about gateway-based imports](/reference-manual/v3.44.2/advanced-topics/gateway-based-imports.md), we want to include `base_url`, `gateway_url` and `source_id` custom claims in the access tokens from our own OAuth2 server. To achieve this, we first need to make sure Elimity Insights provides the additional information in its token requests. For example, a token request from `https://example.elimity.com` for a gateway at `https://gateway.example.com` to import into a source with id `42` should look like this:

```http
POST /oauth/token HTTP/1.1
Host: auth.elimity.com
Content-Type: application/x-www-form-urlencoded

grant_type=client_credentials&
client_id=example-client-id&
client_secret=example-client-secret&
audience=gateway&
base_url=https%3A%2F%2Fexample.elimity.com&
gateway_url=https%3A%2F%2Fgateway.example.com&
source_id=42
```

This corresponds to the following configuration for Elimity Insights:

| Configuration option                      | Value                                    |
| ----------------------------------------- | ---------------------------------------- |
| `EnableGatewayOAuth2`                     | `true`                                   |
| `GatewayOAuth2ClientId`                   | `"example-client-id"`                    |
| `GatewayOAuth2ClientSecret`               | `"example-client-secret"`                |
| `GatewayOAuth2EndpointParams.audience`    | `"'gateway'"`                            |
| `GatewayOAuth2EndpointParams.base_url`    | `"baseURL"`                              |
| `GatewayOAuth2EndpointParams.gateway_url` | `"gatewayURL"`                           |
| `GatewayOAuth2EndpointParams.source_id`   | `"sourceID"`                             |
| `GatewayOAuth2TokenUrl`                   | `"https://auth.elimity.com/oauth/token"` |

Each value in the `GatewayOAuth2EndpointParams` record must be a valid [Expr](https://expr-lang.org/) program with result type `string`. Elimity Insights will inject the following variables:

| Variable     | Type     | Description                                         |
| ------------ | -------- | --------------------------------------------------- |
| `baseURL`    | `string` | Base URL of the Elimity Insights server             |
| `gatewayURL` | `string` | URL of the gateway to import data from              |
| `sourceID`   | `string` | Unique identifier of the source to import data into |


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.elimity.com/reference-manual/v3.44.2/server-configuration/oauth2-endpoint-parameters-for-gateway-authentication.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
