Generate OAuth Token using SAML Assertion

In Apigee X, is it possible to implement the OAuth 2.0 SAML bearer assertion flow? Basically allowing you to request an OAuth access token using a SAML assertion. This will enable us to have all APIs use the OAuth security framework.

Also, in some cases, if possible, generating a SAML assertion for the backend once OAuth Validation is complete within the Proxy API.

 

1 REPLY

> is it possible to implement the OAuth 2.0 SAML bearer assertion flow? Basically allowing you to request an OAuth access token using a SAML assertion.

Yes, surely. See this older question. And you may want to use something like this decoder within Apigee to base64-decode and maybe decompress the SAML Assertion before validating it.

> in some cases, if possible, generating a SAML assertion for the backend once OAuth Validation is complete within the Proxy API.

And yes. You would use the GenerateSAMLAssertion policy to do that. The signature will be based on a private key that you configure within Apigee.
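
The decode step the reply mentions, followed by checks on the decoded assertion, as an added Python example (not code from this thread or from Apigee). It goes beyond the reply by also checking the RFC 7522 grant type, Issuer, Audience and NotOnOrAfter; the function names, size cap, URLs and sample assertion are constructed for illustration, and XML signature verification is not performed here, so it still has to happen before a token is issued.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

GRANT_TYPE = "urn:ietf:params:oauth:grant-type:saml2-bearer"  # RFC 7522
NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
MAX_XML_BYTES = 64 * 1024  # assumed size cap; also bounds inflation

def decode_assertion(param):
    """base64url-decode the 'assertion' parameter; inflate it if it is raw DEFLATE."""
    raw = base64.urlsafe_b64decode(param + "=" * (-len(param) % 4))
    if raw[:1] != b"<":  # not XML yet: treat as raw DEFLATE with bounded output
        raw = zlib.decompressobj(-15).decompress(raw, MAX_XML_BYTES + 1)
    if len(raw) > MAX_XML_BYTES:
        raise ValueError("assertion too large")
    if b"<!DOCTYPE" in raw or b"<!ENTITY" in raw:
        raise ValueError("DTD not allowed in assertion")
    return raw

def precheck(form, issuer, audience, now=None):
    """Return the Subject NameID when the field checks pass; raise otherwise."""
    now = now or datetime.now(timezone.utc)
    if form.get("grant_type") != GRANT_TYPE:
        raise ValueError("unsupported_grant_type")
    root = ET.fromstring(decode_assertion(form["assertion"]))
    if root.tag != "{%s}Assertion" % NS["saml"]:
        raise ValueError("not a SAML 2.0 assertion")
    if root.findtext("saml:Issuer", "", NS).strip() != issuer:
        raise ValueError("unexpected issuer")
    path = "saml:Conditions/saml:AudienceRestriction/saml:Audience"
    if audience not in [(a.text or "").strip() for a in root.iterfind(path, NS)]:
        raise ValueError("audience mismatch")
    expiry = next((c.get("NotOnOrAfter", "") for c in root.iterfind("saml:Conditions", NS)), "")
    if not expiry or now >= datetime.fromisoformat(expiry.replace("Z", "+00:00")):
        raise ValueError("assertion expired or missing NotOnOrAfter")
    return root.findtext("saml:Subject/saml:NameID", "", NS).strip()

# Constructed sample assertion (unsigned, for illustration only).
SAMPLE_XML = (
    '<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Version="2.0">'
    "<saml:Issuer>https://idp.example.test</saml:Issuer>"
    "<saml:Subject><saml:NameID>alice@example.test</saml:NameID></saml:Subject>"
    '<saml:Conditions NotOnOrAfter="2030-01-01T00:00:00Z"><saml:AudienceRestriction>'
    "<saml:Audience>https://api.example.test/token</saml:Audience>"
    "</saml:AudienceRestriction></saml:Conditions></saml:Assertion>"
).encode()
SAMPLE_FORM = {"grant_type": GRANT_TYPE, "assertion": base64.urlsafe_b64encode(SAMPLE_XML).decode()}
```

Every failure raises, so the token endpoint can map any exception to an `invalid_grant` style rejection.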