detecting oAuth2 Request on resource server
we try to use the same APM Policy for SAML and for oAuth2 and to do this without getting Errors in OAuth Scope on none oAuth2 Requests we need to have the posiblity to read the Bearer Authorization Header to detect an oAuth2 Token request. The Problem is that APM "hides" the Header Values ( the Agent Even looks like a redirect where the Headers are missing) so in the Policy we where unable to get the Header. (not found in ACCESS_POLICY_AGENT_EVENT) In a iRule we can get the Header in the HTTP_REQUEST but every try to get/transfer any information in the session fails. HTTP_REQUEST is to early (no Session) and ACCESS_SESSION_STARTED is to late. Has anybody a idea to solved this problem?