how to automate and obtain active users in Apigee Edge Cloud

robert
Participant V

Just want to understand what are customers doing for auditing and compliance with user access on Edge Cloud. Essentially, most large corporations will need to understand which of their employees and contractors (users) have access to Edge. They would also want to perform this check using an automated tool. What does Apigee recommend?

I understand the management API is there to retrieve the roles and users associated as two separate API calls. So one option is to use the Management APIs to obtain the roles and then, for each role, the associated users. This would provide the email addresses and roles of all users in an Org. Is there anything else?

What I don't like about the above approach is that the service account user needs to be an Edge Administrator. It would be nice if we had a restricted user role called "Auditor"-- only allowed to access to certain API's to maintain compliance. Perhaps we can create a custom role using the management API which would only have read-only access to the two API's?

1 1 385
1 REPLY 1

Not applicable

Use User Management API's from API console