{ Community }
  • Academy
  • Docs
  • Developers
  • Resources
    • Community Articles
    • Apigee on GitHub
    • Code Samples
    • Videos & eBooks
    • Accelerator Methodology
  • Support
  • Ask a Question
  • Spaces
    • Product Announcements
    • General
    • Edge/API Management
    • Developer Portal (Drupal-based)
    • Developer Portal (Integrated)
    • API Design
    • APIM on Istio
    • Extensions
    • Business of APIs
    • Academy/Certification
    • Adapter for Envoy
    • Analytics
    • Events
    • Hybrid
    • Integration (AWS, PCF, Etc.)
    • Microgateway
    • Monetization
    • Private Cloud Deployment
    • 日本語コミュニティ
    • Insights
    • IoT Apigee Link
    • BaaS/Usergrid
    • BaaS Transition/Migration
    • Apigee-127
    • New Customers
    • Topics
    • Questions
    • Articles
    • Ideas
    • Leaderboard
    • Badges
  • Log in
  • Sign up

Get answers, ideas, and support from the Apigee Community

  • Home /
  • Edge/API Management /
avatar image
0
Question by asurajpai · Jan 11, 2016 at 03:42 AM · 707 Views apigee edgeapi managementApigee APIapi designapi techniques

Can Apigee connect to an IDP server to get the tokens and the same IDP used for 2 different databases?

We would like to know if Apigee be able to connect to an IDP server to get the tokens and the same IDP used to connect for two different databases?

The main requirement would be to create one user login and all underlining system authorization would become seamless.

Comment
Add comment Show 5
10 |5000 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by Apigeeks only
  • Viewable by the original poster
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users
avatar image asurajpai · Jan 12, 2016 at 03:11 AM 0
Link

Hi @sarthak, can you please help me out here with this case.

avatar image sarthak ♦ asurajpai · Jan 12, 2016 at 03:39 AM 0
Link

@asurajpai I can try to help. But can you clarify the question above?

Are you trying to connect to an external IDP to authorize the API calls? What sort of IDP is this? What protocol Apigee should talk to the backend with? Ldap/AD/Oauth etc.?

avatar image sarthak ♦ · Jan 12, 2016 at 05:26 AM 0
Link

@asurajpai Did you have a comment and deleted that? I got an email but don't see it here. Figured it out how to do it?

avatar image asurajpai · Jan 12, 2016 at 07:33 AM 0
Link

I had sent an Ask an Expert request

avatar image sarthak ♦ asurajpai · Jan 12, 2016 at 02:09 PM 0
Link

Ohh ok .. Feel free to post the details of your question here. I want to know: "Are you trying to connect to an external IDP to authorize the API calls? What sort of IDP is this? What protocol Apigee should talk to the backend with? Ldap/AD/Oauth etc.?"

Close

2 Answers

  • Sort: 
avatar image
0

Answer by asurajpai · Jan 18, 2016 at 04:08 AM

Right now Customer uses IS-RETAIL ERP on HANA (one instance) and a separate HANA instance for customer data/real time stock.

They development a number of mobile html5 apps that access services from these two systems as “one app”

  • Services from IS RETAIL ERP are exposed as ODATA via NW Gateway
  • Services from Native HANA are exposed as ODATA via HANA XS
  • Currently users are set up in Active Directory which is then synced with Ping Identity as the IDP

    SAP GRC Access Control is linked to these and provisions valid/risk assessed users into IS RETAIL ERP.

    Currently any access to Native HANA is done based on a common “service” account for XS calls (they have been examining moving to SAML integration as they have recently moved to latest HANA Support Pack)

    Right now they use Apigee and NW Gateway but NW Gateway is wrongly set up to access both ERP ODATA services but also HANA XS - and this doesn’t follow our recommended “pattern” whereby we recommended webdispatcher

    It has been recommended webdispatcher as a proxy set up…

    However……Customer would like to make use of their strategic Apigee platform and guarantee a better user experience (and hence the discussion about SAML assertion to both systems in a coordinated manner which currently we cannot provide)

    Ideally Customer want a user once provisioned - to see POs in Europe on ERP and then also in HANA (making use of analytic privileges rather than service account access)

    The question is @sarthak ; could Apigee remove the need for a webdispatcher (its additional overhead system they currently don’t use and doesn’t solve the user experience/authorization issue below) and could it provide the aligned SAML assertion etc ?

    Comment
    Add comment · Link
    10 |5000 characters needed characters left characters exceeded
    ▼
    • Viewable by all users
    • Viewable by Apigeeks only
    • Viewable by the original poster
    • Viewable by moderators
    • Viewable by moderators and the original poster
    • Advanced visibility
    Viewable by all users
    avatar image
    0

    Answer by Venkataraghavan · Feb 06, 2016 at 04:44 AM

    @asurajpai

    Apigee does provide an ability for performing SAML assertions for outbound requests. Please refer :

    http://docs.apigee.com/api-services/reference/saml-assertion-policy

    If the webdispatcher functionality needs to be replicated from within the edge, then the custom functionality would need to be developed using javascript/java and then invoking that using an appropriate callout policy.

    Similarly a service callout policy can be used to the IDP service. Could you please elaborate on what the webdispatcher functionality is ? That would enable us to advise if any out of the box functionality can help or if something needs to be developed and invoked through a callout.

    Comment
    Add comment · Link
    10 |5000 characters needed characters left characters exceeded
    ▼
    • Viewable by all users
    • Viewable by Apigeeks only
    • Viewable by the original poster
    • Viewable by moderators
    • Viewable by moderators and the original poster
    • Advanced visibility
    Viewable by all users

    Follow this Question

    Answers Answers and Comments

    41 People are following this question.

    avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image

    Related Questions

    How do you know what changes are made to a proxy revision? 2 Answers

    How to use a consumer key and consumer secret key to access multiple API's? 2 Answers

    How to deploy multiple proxy End points in one proxy? 1 Answer

    Disable Try This API column on Apigee Edge 4 Answers

    Create http virtual host to redirect from http to https 1 Answer

    • Products
      • Edge - APIs
      • Insights - Big Data
      • Plans
    • Developers
      • Overview
      • Documentation
    • Resources
      • Overview
      • Blog
      • Apigee Institute
      • Academy
      • Documentation
    • Company
      • Overview
      • Press
      • Customers
      • Partners
      • Team
      • Events
      • Careers
      • Contact Us
    • Support
      • Support Overview
      • Documentation
      • Status
      • Edge Support Portal
      • Privacy Policy
      • Terms & Conditions
    © 2021 Apigee Corp. All rights reserved. - Apigee Community Terms of Use - Powered by AnswerHub
    • Anonymous
    • Sign in
    • Create
    • Ask a question
    • Create an article
    • Post an idea
    • Spaces
    • Product Announcements
    • General
    • Edge/API Management
    • Developer Portal (Drupal-based)
    • Developer Portal (Integrated)
    • API Design
    • APIM on Istio
    • Extensions
    • Business of APIs
    • Academy/Certification
    • Adapter for Envoy
    • Analytics
    • Events
    • Hybrid
    • Integration (AWS, PCF, Etc.)
    • Microgateway
    • Monetization
    • Private Cloud Deployment
    • 日本語コミュニティ
    • Insights
    • IoT Apigee Link
    • BaaS/Usergrid
    • BaaS Transition/Migration
    • Apigee-127
    • New Customers
    • Explore
    • Topics
    • Questions
    • Articles
    • Ideas
    • Badges