This article describes how OAuth 2.0 security for Apigee management API can be used with apigee-deploy-maven-plugin
Refer to Part 2 of this article for information on Two-Factor Authentication and apigee-deploy-maven-plugin.
apigee-deploy-maven-plugin can be used to deploy APIs to Apigee Edge and uses Apigee's management APIs to perform its functions.
More reading to know how Maven plugin can help in API Team Development.
OAuth 2.0 security is available for Apigee Edge management API. This improves on Basic Authentication available as the default option for accessing Apigee Edge management API.
Read more to understand OAuth2 security for Apigee Edge management API.
The plugin supports OAuth 2.0 in its 1.1.0 release. This article provides the steps to configure and enable the OAuth 2.0 support in the plugin.
To enable OAuth 2.0 update the corresponding pom.xml file with the information given below. You can refer to the shared-pom.xml in the samples folder in the plugin for reference.
Use plugin version 1.1.0.
<plugin> <groupId>io.apigee.build-tools.enterprise4g</groupId> <artifactId>apigee-edge-maven-plugin</artifactId> <version>1.1.0</version>
Add configuration parameters to all profiles you intend to enable OAuth. The configuration below allows the values to be provided through a command line parameter. The value can be hardcoded in the xml file if needed.
<apigee.tokenurl>${tokenurl}</apigee.tokenurl> <apigee.authtype>${authtype}</apigee.authtype>
Note: OAuth 2.0 interaction is seamless to the user and is completely managed by the plugin
To enable OAuth 2.0 set the authtype parameter when invoking the maven command.
mvn install -Ptest -Dusername=$ae_username -Dpassword=$ae_password -Dauthtype=oauth
You will see the following in the Maven logs.
[INFO]Acquiring mgmt API token from https://login.apigee.com/oauth/token [INFO]MFA token not provided. Skipping.
In each management API call performed by the Maven plugin you will see the following header.
authorization: Bearer [Not shown in log]
To support OAuth, other than the configuration discussed above no additional steps are required in Continuous Integration tools like Jenkins, Bamboo, Travis etc., that typically invoke Maven.
The OAuth 2.0 security for Apigee Edge management API is unavailable to Apigee private cloud yet. Please check OAuth 2.0 information page for latest updates.
The 1.1.0 release of deploy plugin continues to support Basic Authentication security and is the default mode for this plugin.
OAuth and Two-Factor Authentication for Maven. Part 2: Two-Factor Authentication