This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Help needed in designing a proxy to invoke

Posted on 01-09-2018 10:52 PM
Not applicable
Reply posted on --/--/---- --:-- AM

For a system like this:

-Authenticate with OpenID Connect and authorize with OAuth 2.0.
-Created an OAuth 2 endpoint on Apigee Edge.
-Authentication is handled by the backend server ID provider.

The ID provider has its own ID management page, so that the end user can log in.
I want to be able to display the list of authorized applications for end users and cancel the authorization.

We want to obtain a list of which applications are being authorized by a specific end user.
What kind of API proxy should I create on Apigee Edge.

0 1 85
Topic Labels
0 Likes
1 REPLY 1

Posted on --/--/---- --:-- AM
Not applicable
Reply posted on --/--/---- --:-- AM

Hi Karthik ,

If i understand correctly , you can define an 3 legged OAuth flow API proxy in APIGEE , lets say for now
/authorize -- which validates the client and redirects it to the 3rd party IDP login page ( You can do this using http redirects in APIGEE)
/code ---- this is the callback which you have can configure in the app (created in the 3rd party IDP) and retrieve the authorization code and perform a token API call against the third party IDP.


Now there are different ways to achieve this. Also you can save the token provided by the external IDP as an external token in APIGEE.

As to answer your question directly , you can create a no-target proxy in APIGEE. And to obtain the list of applications for the specific user , you can either use the IDP infrastructure for this or you can built a custom page.

Let me know if this helps or if not relevant please let me know how i can help.

0 Likes