Does Apigee support RFC7522? If not, are there plans to support it, and if so, when?


SAML 2.0 Profile for OAuth 2.0 Client Auth Grants

RFC 7522 describes how a SAML Assertion can be used to request an access token when a client wishes to utilize an existing trust relationship, expressed through the semantics of the SAML Assertion, without a direct user approval step at the authorization server. It also defines how a SAML Assertion can be used as a client authentication mechanism.

1 ACCEPTED SOLUTION

Former Community Member

I wasn't familiar with the RFC. I have only taken a brief look at it. I have implemented "Using SAML Assertions as Authorization Grants" which appears to be the same as "SAML 2.0 Bearer Assertion Grant Type Profile for OAuth 2.0" on IETF with mostly OOTB policies on Apigee Edge.

I also took a quick look at "Using SAML Assertions for Client Authentication"; although I have not implemented it, it does look implementable using OOTB policies.
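The bearer-assertion grant the question describes, and the checks an authorization server has to make before honouring it, as an added Python example (not from this thread and not Apigee's own code): it builds the RFC 7522 token request and validates the assertion's issuer, subject, bearer confirmation, audience and expiry. The sample assertion, issuer and token-endpoint URLs are constructed; XML signature verification is left out and must be done with an XML-DSig library in a real deployment.

```python
import base64
import datetime as dt
import xml.etree.ElementTree as ET
from urllib.parse import urlencode

NS = {"s": "urn:oasis:names:tc:SAML:2.0:assertion"}
GRANT_TYPE = "urn:ietf:params:oauth:grant-type:saml2-bearer"
BEARER = "urn:oasis:names:tc:SAML:2.0:cm:bearer"

def build_token_request(assertion_xml, scope=None):
    """Form body of an RFC 7522 token request; the assertion is base64url without padding."""
    encoded = base64.urlsafe_b64encode(assertion_xml.encode()).rstrip(b"=").decode()
    params = {"grant_type": GRANT_TYPE, "assertion": encoded, **({"scope": scope} if scope else {})}
    return urlencode(params)

def decode_assertion(param):
    """Reverse of build_token_request: restore the stripped base64url padding."""
    return base64.urlsafe_b64decode(param + "=" * (-len(param) % 4)).decode()

def _utc(ts):
    """Parse a SAML UTC timestamp such as 2030-01-01T00:00:00Z."""
    return dt.datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=dt.timezone.utc)

def validate_assertion(xml_text, trusted_issuer, token_endpoint, now="now"):
    """Authorization-server checks from RFC 7522 section 3 (issuer, subject, bearer confirmation,
    audience, expiry). The XML signature is NOT verified here; a real token endpoint must do that."""
    now = dt.datetime.now(dt.timezone.utc) if now == "now" else _utc(now)
    root = ET.fromstring(xml_text)
    if root.findtext("s:Issuer", namespaces=NS) != trusted_issuer:
        return False, "untrusted issuer"
    subject = root.find("s:Subject", NS)
    if subject is None or not subject.findtext("s:NameID", namespaces=NS):
        return False, "missing subject"
    if BEARER not in [c.get("Method") for c in subject.findall("s:SubjectConfirmation", NS)]:
        return False, "no bearer subject confirmation"
    cond = root.find("s:Conditions", NS)
    audiences = [] if cond is None else [a.text for a in cond.findall("s:AudienceRestriction/s:Audience", NS)]
    if token_endpoint not in audiences:  # the token endpoint must be a named audience
        return False, "audience mismatch"
    if cond.get("NotOnOrAfter") is None or now >= _utc(cond.get("NotOnOrAfter")):
        return False, "assertion expired or has no NotOnOrAfter"
    return True, subject.findtext("s:NameID", namespaces=NS)

# Constructed sample assertion (unsigned, illustration only; not from Apigee or any IdP).
SAMPLE_ASSERTION = """<Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion" ID="_a1" Version="2.0">
<Issuer>https://idp.example.com</Issuer><Subject><NameID>alice@example.com</NameID>
<SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"/></Subject>
<Conditions NotOnOrAfter="2030-01-01T00:00:00Z"><AudienceRestriction>
<Audience>https://api.example.com/oauth/token</Audience></AudienceRestriction></Conditions></Assertion>"""
```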


it does look implementable using OOTB policies.

Here is the working example Nandan produced.