Problem

API Portal displays the message "Error Forbidden hostname" when you request an OAuth token.

Resolution

This indicates that you need to add trusted OAuth hosts, as documented in the Installation Guide. Use FQDNs for the hostnames and ensure that they can be resolved by DNS.

Add trusted OAuth hosts

To restrict API Portal users from accessing unauthorized OAuth endpoints, you can enter a list of permitted OAuth hosts in the OAuth whitelist:

• In the JAI, click Components > API Portal > OAuth Whitelisting.
• Enter the host names or IP addresses of the trusted OAuth hosts (separated by new lines). Host names are converted to lowercase automatically. Do not enter API Manager hosts as these are added to the whitelist automatically.
• Click Save.