Hi All,
I have a use case where I need to authenticate user in Microsoft Active Directory before actual API call. The Apigee is on prem.
Can you please help.
Thanks and Regards,
Manish
If you are trying to build in authentication in the API proxy itself, then Sure! - there are a couple ways to do it.
This is an example of the LDAP policy that could be used in the first case:
<Ldap name="LDAP-Authenticate-and-Query-1"> <LdapResource>freeipaorg</LdapResource> <Authentication> <SearchQuery>uid={request.formparam.username}</SearchQuery> <Password ref="request.formparam.password"/> <Scope>subtree</Scope> <BaseDN>cn=users,cn=accounts,dc=demo1,dc=freeipa,dc=org</BaseDN> </Authentication> <Search> <BaseDN>cn=users,cn=accounts,dc=demo1,dc=freeipa,dc=org</BaseDN> <Scope>subtree</Scope> <SearchQuery>uid={request.formparam.username}</SearchQuery> <!-- these are all attributes on the user from LDAP --> <Attributes> <Attribute>uid</Attribute> <Attribute>homeDirectory</Attribute> <Attribute>loginShell</Attribute> <Attribute>initials</Attribute> <Attribute>mail</Attribute> <Attribute>ipaUniqueID</Attribute> </Attributes> </Search> </Ldap>
@Dino I think they mean more SSO flavor. @manish srivastava does Dino's reply answer what you are looking for ?
Ahhhhhh, well, I may have misunderstood.
User | Count |
---|---|
1 | |
1 | |
1 | |
1 | |
1 |