Can I still use Apigee Edge's features with custom...

Report Inappropriate Content · 01-26-2016 09:59 AM

If we have our own authorization server that provides OAuth2 tokens, would we be able to tie these tokens back to Apigee's developer apps with either the OAuth2 client_id or the actual client's id?

An example flow with password grant would be:

We set up client credentials for an API consumer on Apigee
Consumer would use the client credentials to request a token from our auth server
Auth server "syncs access/refresh tokens with Apigee client" (?), sends back tokens to consumer
Consumer uses the access token to request for a protected resource proxied through Apigee but validated by Our Auth server

On Item #4, is it possible to have Apigee read the access token for analytical purposes and not validate the token; for such things like request metering per developer apps?

willwitman

Hi @Nguyen_Nguyen -- Have you seen this topic on using third-party OAuth tokens. It may help with what you're trying to do.

Report Inappropriate Content

@wwitman, thanks

I have taken a look at the doc, but it assumes a full external OAuth provider. The use case I would like to be able to do is a partial implementation using client ( developer apps ) details on Apigee but have tokens handling in our backend services so that we can take advantage in some of Apigee's features that are tied to the clients.

I was also dissuaded this section in that doc:

A common use case is where you have an existing OAuth system in place, and you would like to use the tokens generated by that system with Apigee Edge. On the other hand, if you want to take advantage of Apigee Edge features like Edge Analytics, the developer app ecosystem, developer portal, and so on, you need to use tokens that were generated with Apigee's OAuth system.

Can I still use Apigee Edge's features with custom Oauth2 authentication?