Ideally the goal here is to use adfs and SAML for a single sign on to apigee edge, rather than using Apigee's openldap for authentication to the Enterprise UI. If anyone has tried this or has the details can you share them?
Hi David, what is your version of apigee edge?
You can delegate authentication to AD [or any ldap v3], so AD can be used for authentication instead of openldap
So one could login with their AD creds to enterprise UI,
but SAML based SSO for Enterprise UI is not supported today
We are looking at the 3rd party authentication using LDAP but I was more interested in single sign on.
ah ok, unfortunately, it's not supported today
Support for SAML2 is something that's definitely in the roadmap.
We are in process of implementing Apigee Edge Cloud in our org. To avoid maintaining users and passwords in Apigee, we would love to have ability to SSO into Edge management UI using SAML. @Joel D'sa, any estimates on when is Apigee planning to have the feature?
We have been pushing for this for MONTHS.
My understanding - from what I have been told - is that this will be released AT THE EARLIEST in the second OPDK release in 2016. We pushed hard for this feature - making the argument that the existing options for SSO are .. well .. not particularly useful.
If it magically showed up in the next release I would have a party!
do you know when this will be available?
Any updates on allowing SAML login to APIGEE compared to username and password based login ?
Apigee now supports authentication to the Apigee Edge management UI via an external SAML-based identity provider (IdP). This makes it easy for customers to leverage an IdP (ADFS, Okta, Ping, or OneLogin, for example) of their choice, as long as it supports SAML 2.0 to authenticate Apigee Edge users.
We’re excited to announce the general availability of SAML-based single sign-on (SSO) for Apigee Edge for customers managed and hosted by Apigee.
For more details, refer here.
Is there a plan to extend SAML based SSO support to private cloud?
Yes, SAML support for OPDK is definitely in the roadmap.
Is it applicable for private cloud ? especially with Active Directory Federation services as the IdP ?
We are using the new 4.19.01 version.
All of the documentation is based on Apigee Edge for customers managed and hosted by Apigee.
@Shawky Foda Yes, SAML integration with ADFS and New UI Experience are applicable for private cloud as well.
For installing Edge OPDK components you are expected to use the OPDK documentation. The steps for configuring ADFS/Edge SAML integration are the same across both offerings, so you use the Cloud doc pages.
Thank u @yuriyl
Could u provide a link to the Cloud doc pages which could be used for private on premise cloud. Thanks
Here's the doc for SSO/SAML for Private Cloud 19.01:
https://docs.apigee.com/private-cloud/v4.19.01/supporting-saml-edge-private-cloud
Stephen
You might find useful a lab we have on Apigee SSO/ADFS integration in a single end-to-end scenario.
In addition to the steps described by the documentation, it contains sections for setting up AD DC and AD FS with screenshots and useful debugging/troubleshooting techniques.
Hi @yuriyl ,
On Apigee edge private cloud, is it possible to enable login using Azure AD SSO?
You will get better results if you ask a new question as a new question, rather than submitting your question as a comment to a 5 year old thread.
Hi @Anil Sagar
I have an extended question regarding SAML based SSO.
For private cloud, is it possible to have a set up as explained below
Login to Edge UI using SSO
But roles are managed using external LDAP (corp AD)
@Mukundha Madhavan Please refer to the posting SAML feature under https://community.apigee.com/articles/39063/enable-saml-for-apigee-edge-production-organizatio.html