This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Ways of sharing the keys and secret

Posted on 03-21-2022 07:01 AM
Vishal_Holla
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hi,

What way can be followed to share the API key and Secret safely to business users? can you suggest some ways?
Or whether apigee is providing any of those facilities where keys and secret be shared safely over encrypted channel?

Regards,
Vishal Holla

Solved Solved
1 6 234
Topic Labels
Jump to Solution
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
dchiesa1
Staff
In response to Vishal_Holla
Reply posted on --/--/---- --:-- AM

Our developer portal has access to External users too. What can be done in that case?

You may publish developer portals to users on your corporate network, or to the internet. Either is possible. Or you can provision multiple developer portals for those different audiences, with different authentication for each of them. And different visibility of the API products published to those portals.

There is lots of information on these options in the documentation link I shared.

View solution in original post

Jump to Solution
0 Likes
6 REPLIES 6

Posted on --/--/---- --:-- AM
pusulurikiran
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

We usually share the key and secrete in email with encrypt option available in outlook email, with permission,

pusulurikiran_0-1647875333509.png

 

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
dchiesa1
Staff
In response to pusulurikiran
Reply posted on --/--/---- --:-- AM

I think there is a  better way!  Specifically, via a developer portal, that uses only HTTPS!

Jump to Solution

Posted on --/--/---- --:-- AM
Vishal_Holla
Bronze 1
Bronze 1
In response to pusulurikiran
Reply posted on --/--/---- --:-- AM

This option is not available in our outlook 😞

Any other way?

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
dchiesa1
Staff
Reply posted on --/--/---- --:-- AM

What way can be followed to share the API key and Secret safely to business users? can you suggest some ways
Or whether apigee is providing any of those facilities where keys and secret be shared safely over encrypted channel?

Yes, use an Apigee developer portal. If it runs only on HTTPS, and if it uses SAML authentication, then

  • You can trust the developer is authenticated by the IDentity provider (IDP) of your choice. Eg, Okta, Active Directory, Ping, etc.
  • developers can see the keys and secrets you have provisioned for them. And also, the expiry if any on those keys.
  • Developers can request new keys and secrets as appropriate
  • Teams of developers can share the same sets of credentials.

Learn more about developer portals at this link.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Vishal_Holla
Bronze 1
Bronze 1
In response to dchiesa1
Reply posted on --/--/---- --:-- AM

Our developer portal has access to External users too. What can be done in that case?

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
dchiesa1
Staff
In response to Vishal_Holla
Reply posted on --/--/---- --:-- AM

Our developer portal has access to External users too. What can be done in that case?

You may publish developer portals to users on your corporate network, or to the internet. Either is possible. Or you can provision multiple developer portals for those different audiences, with different authentication for each of them. And different visibility of the API products published to those portals.

There is lots of information on these options in the documentation link I shared.

Jump to Solution
0 Likes
Top Solution Authors
View all