Hey All,
Today I found out a pretty cool new feature in Apigee X that allows you to dynamically set the value of the "Audience" element when using the Google Authentication mechanism for Target Endpoints and Service Callout policies.
This is documented over at:
Then, in the Apigee X API Proxy, within your Target Endpoint, use the following configuration to load balance between these two target servers, and have Apigee X dynamically obtain the necessary access token for each of the servers behind the scenes.
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<TargetEndpoint name="default">
<PreFlow name="PreFlow">
<Request/>
<Response/>
</PreFlow>
<Flows/>
<PostFlow name="PostFlow">
<Request/>
<Response/>
</PostFlow>
<HTTPTargetConnection>
<LoadBalancer>
<Server name="cloudrun-central"/>
<Server name="cloudrun-west"/>
</LoadBalancer>
<Path>/headers</Path>
<Authentication>
<GoogleIDToken>
<Audience useTargetUrl="true"/>
</GoogleIDToken>
</Authentication>
</HTTPTargetConnection>
</TargetEndpoint>
The cool bit here is the attribute "useTargetUrl", this is telling Apigee X to dynamically build the access token using the URL of each of the target servers. So essentially, behind the scenes, each target server (i.e. Cloud Run) gets its own access token.
Hi,
I have a question about this, I'm using PSC with an endpoint attachment when doing unauthenticated calls all work as expected, but I want to use this authentication method for my calls, so when I add Authentication to my API Proxy I get:
The URL must be ssl enabled if Authentication is present.
Request ID: 1075017758012059347
But my endpoint attachment is an IP and is defined in the TargetURL as http://7.0.8.6:80 as is documented here https://cloud.google.com/apigee/docs/api-platform/troubleshoot/playbooks/network-configuration/conne...
My question is, how to use authentication when PSC and endpoint attachment is used and endpoint attachment IP must be used in the TargetURL.
Please note my Apigee org and Target project are different.
User | Count |
---|---|
1 | |
1 | |
1 | |
1 | |
1 |