Ad-hoc portal

Report Inappropriate Content · 12-05-2015 11:13 AM

Hi all,

has anyone of you using Apigee edge with a custom OAuth flow implemented by an internal enterprise system? Also, has anyone of you developed a WebApp that orchestrate between the Apigee portal and the internal system (e.g. create an user in the Apigee portal and in the internal system)?

thanks lot.

sarthak

Yes, there are few examples of orchestrations between Apigee portal and internal user stores like LDAP. There are a few modules which comes built in in the dev portal to enable LDAP/AD/External Oauth etc. You can always customize the user registration module to customize it anyway you want. I would say quite a few customers do that today. Is there anything specific you wanted to know about such integrations ?

Next question is : What is a custom OAuth flow? 🙂 Either it is Oauth or it is Custom... Oauth spec do not allow you to create your own flows. So even if you deviate by a tiny bit from the spec it is a custom authentication mechanism and not Oauth. And why that is important is because as soon as you make a tiny deviation all Oauth client libraries will start failing, someone familiar with Oauth will have to learn your whole flow from scratch, thus making the life of APP developer more difficult.

Does that makes sense @antonio bruno ? Let me know if you don't agree.

Report Inappropriate Content

Hi sarthak, thanks for your reply. Yes, you are right. Custom OAtuh is not OAuth anylonger. In my case the external flow (visible to the app) is the same as OAuth though. There are just few more options that the final user can have and that OAuth has not. But that is not my point.

I am interested in share experience with people that have implemented their own WebApplications that behind the scene orchestrates between the API portal, developer services and this "internal OAuth implementation". All done via REST calls. So this WebApp is where developers register, take api_key, chose API products etc...

Are you aware of anything like that or it is just complicated what i think to do?

thanks lot.

anilsr

@antonio bruno , Are you looking for sample web application which uses Apigee Management APIs for developer register, take api_key, chose API products etc other than Apigee Developer Portal ?

anilsr

@antonio bruno , Welcome to Apigee Community 🙂

anilsr

Dear @antonio bruno ,

Regarding ,

Has anyone of you using Apigee edge with a custom OAuth flow implemented by an internal enterprise system?

Are you talking about signing into Apigee Edge Portal using external oAuth or Signing into Apigee Developer Portal using external oAuth ?

If you are talking about Apigee Developer Portal, there are many drupal modules available like LDAP, Login with Google, Login with Facebook Examples.

Regarding,

Also, has anyone of you developed a WebApp that orchestrate between the Apigee portal and the internal system (e.g. create an user in the Apigee portal and in the internal system)?

Do you mean Apigee Edge Portal when you said Create an user in the Apigee portal in above question? Are you looking for alternative to Drupal based Apigee Developer Portal / Integrate same functionality into existing internal system?

If answer is yes to above questions,

Yes, It's absolutely possible. Apigee Edge is built as a platform and all the power comes with APIs again. Apigee Developer Portal uses these APIs to talk to Apigee Edge portal to create developers, apps, fetch keys information. Some of our customers uses APIs to build their own developer portal.

Let me share a web app that I have built some time back - A node.js based light developer portal which talks to Apigee Edge Org using Management APIs for Creating Apps, Developers, Display app keys. You can play with same here. You can login into the portal using Google Login - OAuth based login system.

Report Inappropriate Content

Hi Anil Sagar,

let me give you some more details:

The point with OAuth is that I have a custom implementation of it. I have built my own system (called access management/AM which implements an authorization schema very near to OAuth. Externally the flow is identical though). Now, the point is that I need my own WebApp (kind of UI portal) which needs to orchestrate 2 systems (e.g. create an user in both AM and Edge etc..): Edge and the AM system. The first question is, do you have such cases? How do you manage them?

Even more, another issue may arise. How can I leverage Apigee “Developer Services UI” to leverage features like API docs, blogs, forum, example etc… if I would use my own WebApp? Can the Apigee portal accessed and used by my custom Webapp? And if yes, do I need to keep resources (like developer portal accounts etc..) synchronized across different systems? Clearly I do not want to give user bad experiences (like login multiple times). I hope you understand my need. And thanks for answering.

Regards.