In our use case , APIGee 14.7 as the gateway and it will do Authentication using LDAP and Authorization will do by external Authorization service ( will do token management). Is any recommended approach to do above use case ?.
I guess what you want to do is:
You didn't describe the goal of the authorization call.
Normally this is done when issuing tokens that carry user context.
The client app does something like:
POST /oauthv2/token
...sending along the appropriate client and user credentials.
And then the API endpoint at /oauthv2/token (hosted by Apigee Edge and configured by you) will do the required steps:
Here is an example that walks you through this kind of flow. It uses a mock service for validation of user credentials. You could replace that with an Ldap policy in your case.
User | Count |
---|---|
1 | |
1 | |
1 | |
1 | |
1 |