OpenAM/OpenDJ Integration with Edge API Gateway, APIGEE OPENAM Integration


Newbie here. Can anyone point me to documentation on options for integrating API Gateway with OpenAM?


We are evaluating ApiGee for use as an API Gateway. We currently use ForgeRock OpenAM and OpenDJ as our Identity and Access Management solution. Does anyone have information on how to integrate both the developer portal and the API gateway with OpenAM?


@Eric MIller, welcome to Apigee Community 🙂 OpenAM can definitely be integrated with the Apigee Developer portal, which is built on top of Drupal; there is a Drupal module which helps you do that. I have not tried it, though.

Regarding the Apigee Edge Gateway, we support SSO using LDAP on on-prem. For more details, please refer to the posts here and here.


Hi Anil - so to clarify, it appears that integration with an external LDAP provider such as OpenAM is only available through the on-premises solution. If we are using APIGEE Cloud Edge, we would need to set up the user credentials there. Can you confirm?

@Eric MIller, yes, our Public Cloud version does not allow this because we manage all those user accounts.

Currently, that is true. If you are an Apigee Edge / Public Cloud customer, then you must sign into the Administrative portal using credentials managed by Apigee.

Adding SAML sign-in to the Edge Cloud Admin portal is on our roadmap. In the future we expect to allow you to sign in using your own SAML IdP.

Sign-in to the developer portal is possible using SAML or OpenID Connect, today.

Taking advantage of SAML or JWT in the API runtime is also possible today, regardless of whether you use Edge public cloud or Edge on-premises.

@Dino, @Anil Sagar @ Google, Can you please confirm if this feature is available for APIGEE Cloud now? Is it possible to integrate the developer portal with OpenAM/OpenDJ? I

The developer portal allows people to sign in with SAML.

Does OpenAM act as a SAML IdP? If so, then you can use it with the Drupal-based developer portal.

Hi Eric,

I guess you are asking about 2 different things here; correct me if I am wrong.

1) Authentication to Developer Portal using OpenAM

Assuming OpenAM supports OpenID Connect, you could use one of the Drupal OpenID Connect modules to achieve this. You could also integrate directly with the LDAP provider, as long as the cloud portal is able to access your LDAP service.

2) Authentication & Authorization for APIs proxied through the Gateway

This is pretty straightforward. Apigee can work with external identity/auth providers using standards like OAuth, OpenID Connect or SAML, or even custom mechanisms using service callout / Java extensions. I have done similar integrations with SiteMinder and Ping; I think it should be similar for OpenAM as well.

Please also refer to this:

https://community.apigee.com/questions/10822/apigee-support-for-external-identity-provider-idp.html

Thanks,