This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Generate Oauth token in Jenkins CICD

Posted on 06-23-2020 08:01 AM
sundarprince
New Member
Reply posted on --/--/---- --:-- AM

We have moved to SAML based authentication in our Org. As of now I’m generating the access token and refresh token using the following method in my laptop and using it in POM. Is it possible to auto generate the token and use it in CICD pipeline. Or Machine user is the only option available in apigee?

Also please advise to use secrets manager to store the apigee credentials(Pom file) or Jenkins credentials?

1.export SSO_LOGIN_URL=https://<Orgname>.login.apigee.com

2.In browser, type https://<Orgname>.login.apigee.com/passcode

3.Get the passcode and use the following command to get access token

curl -X POST \

-H "Content-Type: application/x-www-form-urlencoded;charset=utf-8" \

-H "accept: application/json" \

-H "Authorization: Basic TOKEN" \

https://<Orgname>.login.apigee.com/oauth/token -s \

-d 'grant_type=password&response_type=token&passcode=TOKEN'

0 5 1,743
Topic Labels
0 Likes
5 REPLIES 5

Posted on --/--/---- --:-- AM
ssvaidyanathan
Staff
Reply posted on --/--/---- --:-- AM
@Sundar Prince

Please check this link on how to set up machine users. With SAML enabled orgs, your zoneadmin should be able to create a machine user. Once that is created, you can use that in your CI/CD builds.

If you are using the Maven plugin to deploy API Proxies, then you just need to make sure you are passing the machine user credentials (as username and password) and then set the authType to "oauth" and the tokenurl to "https://{zone}.login.apigee.com/oauth/token" (dont forget to replace the zone name with what you have configured). For more info on how the plugin works with OAuth, check this link

0 Likes

Posted on --/--/---- --:-- AM
sundarprince
New Member
In response to ssvaidyanathan
Reply posted on --/--/---- --:-- AM

Hi Sai,

I have downloaded usermgmt.tar.gz on my local. I tried to run the command both in git bash and cmd i have issues in generating the access token. Though the credentials are correct but it didn't provide the expected results.

I have seen a strange issue in git bash. As soon as i enter the username it skips to MFA and don't allow me to type the password. Since we already enabled SAML based auth that doesn't allow me to type password? Is this a known issue?

I'm sharing the screenshots below.

On the other side i can get the access token using the following command so proxy is not the problem.

curl -X POST \ -H "Content-Type: application/x-www-form-urlencoded;charset=utf-8" \ -H "accept: application/json" \ -H "Authorization: Basic REDACTED" \ https://ZONEID.login.apigee.com/oauth/token -s \ -d 'grant_type=password&response_type=token&passcode=TOKEN'

CMD

10063-usermgmt-cmd.png

Gitbash

10064-usermgmt-gitbash.png

0 Likes

Posted on --/--/---- --:-- AM
sundarprince
New Member
In response to sundarprince
Reply posted on --/--/---- --:-- AM

Hi Team,

Do we have any update on this?

0 Likes

Posted on --/--/---- --:-- AM
ssvaidyanathan
Staff
In response to sundarprince
Reply posted on --/--/---- --:-- AM

Not sure about this - have you enabled ?

Best is to open a Support ticket

0 Likes

Posted on --/--/---- --:-- AM
sundarprince
New Member
In response to ssvaidyanathan
Reply posted on --/--/---- --:-- AM

Ok thank you

0 Likes