Enabling two factor authentication for all users of an organization in the APIGEE Edge Cloud

phanim
Participant II

Is it possible to enforce (or) mandate 2-factor authentication for all users of an organization in APIGEE Edge Cloud? I know how to enable 2-factor authentication for an individual user. But I want to enforce it across all users of my organization.

Solved Solved
1 1 1,105
1 ACCEPTED SOLUTION

phanim
Participant II

Yes, it is possible. You need to contact APIGEE support to enable this for the organization that you are interested in.

Once APIGEE support enables it for the organization, the individual users have to enable 2-factor authentication to access either the Edge UI (or) management api.

Follow the steps provided in the below link to enable the 2-factor authentication

enable-two-factor-auth-your-apigee-account

After enabling the two factor authentication, the access and refresh tokens needs to be generated and used to either to login to UI (or) make management api calls.

Follow the procedure described in the link below under section Using the API to generate access and refresh tokens.

using-oauth2-security-apigee-edge-management-api

The generated access_token needs to be sent in the Authorization header as Bearer token to make management api calls.

For example, to retrieve the details of a virtual host the following api call needs to be made with the access token as illustrated below.

curl -X GET --header "Authorization: Bearer <access_token>" "https://api.enterprise.apigee.com/v1/organizations/{org}/environments/{env}/virtualhosts/{virtual_host_name}"

View solution in original post

1 REPLY 1

phanim
Participant II

Yes, it is possible. You need to contact APIGEE support to enable this for the organization that you are interested in.

Once APIGEE support enables it for the organization, the individual users have to enable 2-factor authentication to access either the Edge UI (or) management api.

Follow the steps provided in the below link to enable the 2-factor authentication

enable-two-factor-auth-your-apigee-account

After enabling the two factor authentication, the access and refresh tokens needs to be generated and used to either to login to UI (or) make management api calls.

Follow the procedure described in the link below under section Using the API to generate access and refresh tokens.

using-oauth2-security-apigee-edge-management-api

The generated access_token needs to be sent in the Authorization header as Bearer token to make management api calls.

For example, to retrieve the details of a virtual host the following api call needs to be made with the access token as illustrated below.

curl -X GET --header "Authorization: Bearer <access_token>" "https://api.enterprise.apigee.com/v1/organizations/{org}/environments/{env}/virtualhosts/{virtual_host_name}"