Is there OAuth client management integration with 3rd party IDPs?


Hi all,

Does anyone know if there is capability for OAuth client management with third party IDPs? We would like to have a seamless developer experience but still keep PingFederate as our IDP. Thus, we would need a client management integration of Apigee with PingFederate so that when a customer creates an application, Apigee can register the generated client id and secret with Ping.

Thanks,

Dave

1 REPLY

Customers do this in a couple ways:

  • Batch synch of developers within Apigee Edge to Ping. As you may know, Apigee Edge allows import of credentials, so it should be possible to have a cron job that runs, checks for new developers in Apigee Edge, and for any found, creates the necessary elements in Ping, and then synchronizes the credentials to Apigee Edge.
  • Realtime synch via the Developer portal. When a developer requests a new app, the devportal can kick off logic to create the account in Ping, then import those credentials into Apigee Edge.

The latter works if EVERY developer account will be created through the devportal. But as you know, the Edge Admin API can be used from other apps, so there is always the possibility for the Edge developer list to creep out of synchrony with the Ping credential list. Therefore it seems to me you will always need some sort of synch job to run and reconcile the two, e.g., option #1.

I have seen this done with various IdPs, Ping, Okta, and Azure AD among them.

(sorry for the delay, not sure how I missed the question)
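
The reconciliation pass that the reply above says is always needed, sketched as an added example that is not part of the original thread or of any Apigee or Ping tooling. It assumes the sync job has already fetched both inventories (that step is left out), and every name and sample value in it is hypothetical.

```python
# Added example: reconciliation planner for a gateway/IdP credential sync job.
# Names and sample data are hypothetical; no Apigee or PingFederate API is called.
from dataclasses import dataclass

@dataclass(frozen=True, order=True)
class Action:
    kind: str            # create_in_idp | import_to_gateway | orphan_in_gateway | orphan_in_idp
    app: str             # "<developer email>/<app name>"
    client_id: str = ""  # empty until the IdP has issued one

def plan_reconciliation(gateway_apps, idp_clients):
    """Return the actions that bring both inventories back in sync.

    gateway_apps: {app: set of client ids the gateway currently accepts}
    idp_clients:  {client id: app the IdP registered it for}
    Only client ids are compared, so secrets never enter the plan or its logs.
    """
    by_app = {}
    for client_id, app in idp_clients.items():
        by_app.setdefault(app, set()).add(client_id)

    actions = []
    for app, gateway_ids in gateway_apps.items():
        idp_ids = by_app.get(app, set())
        if not idp_ids:
            # App exists in the gateway but was never registered in the IdP.
            actions.append(Action("create_in_idp", app))
        # Issued by the IdP but never imported into the gateway.
        actions += [Action("import_to_gateway", app, c) for c in idp_ids - gateway_ids]
        # Accepted by the gateway but unknown to the IdP: flag for review.
        actions += [Action("orphan_in_gateway", app, c) for c in gateway_ids - idp_ids]
    for app, idp_ids in by_app.items():
        if app not in gateway_apps:
            # IdP client whose app is not in the gateway.
            actions += [Action("orphan_in_idp", app, c) for c in idp_ids]
    return sorted(actions)

# Constructed sample inventories.
GATEWAY = {
    "dev1@example.com/orders": {"cid-001"},
    "dev2@example.com/billing": set(),
    "dev3@example.com/reports": {"cid-777"},
}
IDP = {
    "cid-001": "dev1@example.com/orders",
    "cid-002": "dev2@example.com/billing",
    "cid-004": "dev4@example.com/legacy",
}
```

The two orphan kinds are reported rather than fixed automatically, since a credential known to only one side may need to be revoked instead of copied.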