Is there a way to use LDAP authentication instead of Apigee's authentication so that all internal users don't have to register on the Dev Portal too?

1 ACCEPTED SOLUTION


Hi @Mayank Chauhan. I've just enabled the LDAP module on a free Dev Portal environment and it seems to work by enabling the LDAP modules available as a Drupal module. See snapshot below. Once this is enabled along with LDAP Servers, you should be able to set up a server under Configuration > People > LDAP Configuration > Servers > Add LDAP Server Configuration. Also, you should be able to test this by running a test under: Home > Administration > Configuration > People > LDAP Configuration > User > Test LDAP User Functionality for a given user.

[Screenshot: 556-ldap-dev-portal.png]

Hope it helps!

@Chris Novak please keep me honest.

11 REPLIES

Hi @Mayank Chauhan,

Are you using Apigee on cloud or OPDK/private cloud?

Thanks for your reply, I should have mentioned it, I am using Apigee on Private Cloud.


This does help @dzuluaga. Thanks for your help man. The screenshots made it so much easier.

I'm glad it helped @Mayank Chauhan. If you're satisfied with the answer please accept it. Cheers!


Since Apigee uses an email for user authentication as a login, if your LDAP uses email-based login authentication and not an acronym, it is possible, but you have to keep the OpenLDAP or ApacheDS for the Apigee-specific part of the schema, which is user roles, permissions, resources, servers, password policies, organizations (not the OU of LDAP) ...

The questions are:

1. Will the LDAP team allow you to change the schema to introduce the APIGEE schema that may conflict with the native organization schema?

2. If you delete a user from the LDAP it will be a zombie in APIGEE and cannot access the APIGEE platform.

3. Do you separate internal users from outside users?

PS: In another post that led me here, he is speaking about Active Directory for LDAP authentication; it is possible for the authentication part and not for the permissions, roles, etc.

[Attachment: ldifjar.txt]

Rename to ldif.jar (compiled with Java 8), then double-click and you will play with one LDAP schema.

benrodriguez

I have the Apigee cloud solution. I had the same question about using an LDAP directory rather than Apigee's for my internal developer portal. Having to manage 100+ users isn't going to be problematic. A federated or SAML solution would be a great enhancement. I've been researching and haven't found any information about this yet. Can anybody point me in the right direction or to an enhancement request? I can't be the only team that would want to do this.

Hello Ben, here is a link on how to set up SAML for your portal in the cloud: https://pantheon.io/docs/shibboleth-sso

benrodriguez

Also, is there a way to manage or connect the third-party developer portal with the Apigee portal, especially on an account level?

Can you add more details on what you are trying to do? This sounds like you may have a completely new question than how to use LDAP. I suggest creating a new question with the details on what you are trying to accomplish.