Our Apigee Edge organization uses SAML to login. We have a machine user and need to use this user's credentials to run
edgemicro configure -o [org] -e [env] -u [username]
However the credentials for our machine user are not accepted. How can we utilize the machine user to authenticate with edge microgateway?
Solved! Go to Solution.
This appears to be an omission from the edgemicro configure documentation section. To run edgemicro configure authenticating as a machine user, you need to use an OAuth token obtained from apigee-sso. To obtain the token, you can either use the Apigee get_token utility, or execute the following POST:
export MACHINE_USERNAME=mymachineuser # set machine username here
export MACHINE_PASSWORD=topsecret # set the password here
export SAML_ZONENAME=mysamlzone
curl -i -H "Content-Type: application/x-www-form-urlencoded;charset=utf-8" \
-H "accept: application/json;charset=utf-8" \
-H "Authorization: Basic ZWRnZWNsaTplZGdlY2xpc2VjcmV0" -X POST \
https://${SAML_ZONENAME}.login.apigee.com/oauth/token -s \
-d "grant_type=password&username=${MACHINE_USERNAME}&password=${MACHINE_PASSWORD}"
Once you have obtained the token, you can use it to configure microgateway as follows:
export ORG=myorg # set organization
export ENV=myenv # set environment
export TOKEN=token_value_from_previous_step # set access token
edgemicro configure -o ${ORG} -e ${ENV} -t ${TOKEN}
After that follow remaining edgemicro verify and start steps as mentioned in the documentation:
This appears to be an omission from the edgemicro configure documentation section. To run edgemicro configure authenticating as a machine user, you need to use an OAuth token obtained from apigee-sso. To obtain the token, you can either use the Apigee get_token utility, or execute the following POST:
export MACHINE_USERNAME=mymachineuser # set machine username here
export MACHINE_PASSWORD=topsecret # set the password here
export SAML_ZONENAME=mysamlzone
curl -i -H "Content-Type: application/x-www-form-urlencoded;charset=utf-8" \
-H "accept: application/json;charset=utf-8" \
-H "Authorization: Basic ZWRnZWNsaTplZGdlY2xpc2VjcmV0" -X POST \
https://${SAML_ZONENAME}.login.apigee.com/oauth/token -s \
-d "grant_type=password&username=${MACHINE_USERNAME}&password=${MACHINE_PASSWORD}"
Once you have obtained the token, you can use it to configure microgateway as follows:
export ORG=myorg # set organization
export ENV=myenv # set environment
export TOKEN=token_value_from_previous_step # set access token
edgemicro configure -o ${ORG} -e ${ENV} -t ${TOKEN}
After that follow remaining edgemicro verify and start steps as mentioned in the documentation: