Is it possible to enforce (or) mandate 2-factor authentication for all users of an organization in APIGEE Edge Cloud? I know how to enable 2-factor authentication for an individual user. But I want to enforce it across all users of my organization.
Solved! Go to Solution.
Yes, it is possible. You need to contact APIGEE support to enable this for the organization that you are interested in.
Once APIGEE support enables it for the organization, the individual users have to enable 2-factor authentication to access either the Edge UI (or) management api.
Follow the steps provided in the below link to enable the 2-factor authentication
enable-two-factor-auth-your-apigee-account
After enabling the two factor authentication, the access and refresh tokens needs to be generated and used to either to login to UI (or) make management api calls.
Follow the procedure described in the link below under section Using the API to generate access and refresh tokens.
using-oauth2-security-apigee-edge-management-api
The generated access_token needs to be sent in the Authorization header as Bearer token to make management api calls.
For example, to retrieve the details of a virtual host the following api call needs to be made with the access token as illustrated below.
curl -X GET --header "Authorization: Bearer <access_token>" "https://api.enterprise.apigee.com/v1/organizations/{org}/environments/{env}/virtualhosts/{virtual_host_name}"
Yes, it is possible. You need to contact APIGEE support to enable this for the organization that you are interested in.
Once APIGEE support enables it for the organization, the individual users have to enable 2-factor authentication to access either the Edge UI (or) management api.
Follow the steps provided in the below link to enable the 2-factor authentication
enable-two-factor-auth-your-apigee-account
After enabling the two factor authentication, the access and refresh tokens needs to be generated and used to either to login to UI (or) make management api calls.
Follow the procedure described in the link below under section Using the API to generate access and refresh tokens.
using-oauth2-security-apigee-edge-management-api
The generated access_token needs to be sent in the Authorization header as Bearer token to make management api calls.
For example, to retrieve the details of a virtual host the following api call needs to be made with the access token as illustrated below.
curl -X GET --header "Authorization: Bearer <access_token>" "https://api.enterprise.apigee.com/v1/organizations/{org}/environments/{env}/virtualhosts/{virtual_host_name}"
User | Count |
---|---|
1 | |
1 | |
1 | |
1 | |
1 |