Is Apigee support Client authentication via TOTP and SRP

nandishnandy
Participant III

Is Apigee support Client authentication via TOTP and SRP?

7700-arc.png

Thanks In Advance

1 3 219
3 REPLIES 3

TOTP and SRP are both easy to do, but neither are currently implemented in Apigee Edge as a built-in policy.

You would have to implement that capability in a Java callout.

I could build the right callout in about 20 minutes, I guess, using an existing library:

SRP: https://bitbucket.org/connect2id/nimbus-srp

TOTP: https://github.com/jchambers/java-otp


EDIT

this took me longer than 20 minutes to build, but here is a callout that performs TOTP generation. You would need to check the generated TOTP against a passed-in TOTP. (The client would need to generate the TOTP as well, or it can use a mobile device app like Google Authenticator to generate the TOTP).

https://github.com/DinoChiesa/ApigeeEdge-Java-TOTP

Thanks Dino, I will check

Nandeesha, Check my update, above, please.