I need to enable two way authentication using ket strore and trust store between apigee and sso server please i want to know how to implement this @dchiesa1 on apigee TLS key store and in serviceCallOut policy (ssl info)
Solved! Go to Solution.
You're saying "SSO Server" and also ServiceCallout.
Usually these two things don't intersect, but maybe in your case they do?
Typically I see an SSO server being integrated with the signon for the operators and administrators, into the admin UI. A SAML IdP, and then the Apigee UI acts as a SAML SP. Whereas, ServiceCallout is something you would configure within your API Proxy, to call out to a remote system. ServiceCallout has nothing to do with signon of API admins/publishers/operators.
BUT, it's possible that you are using ServiceCallout to connect to an upstream target system that just happens to be an SSO server. In that case, excellent! And ... The configuration should be pretty simple. Just follow what you need to specify for SSLInfo for any other purpose.
But it sounds like you've read the documentation on SSLInfo. What have you tried? Is it working? What do you observe?
You're saying "SSO Server" and also ServiceCallout.
Usually these two things don't intersect, but maybe in your case they do?
Typically I see an SSO server being integrated with the signon for the operators and administrators, into the admin UI. A SAML IdP, and then the Apigee UI acts as a SAML SP. Whereas, ServiceCallout is something you would configure within your API Proxy, to call out to a remote system. ServiceCallout has nothing to do with signon of API admins/publishers/operators.
BUT, it's possible that you are using ServiceCallout to connect to an upstream target system that just happens to be an SSO server. In that case, excellent! And ... The configuration should be pretty simple. Just follow what you need to specify for SSLInfo for any other purpose.
But it sounds like you've read the documentation on SSLInfo. What have you tried? Is it working? What do you observe?