Multi Factor Authentication for On-Prem?

Wondering if Apigee supports MFA for on-prem installation. If so, is there some documentation regarding this? I've looked around in the community/docs but nothing concrete.

Thanks!

Solved Solved
1 2 701
1 ACCEPTED SOLUTION

Yes, sort of.

If you use the "built in" authentication for the Apigee Edge on-premises ("Customer managed") software, there is no MFA.

The way to get MFA is to use a proper external Identity Provider, Okta or Active Directory Federation Services, etc. Set up MFA there. and then configure that IdP to act as a SAML IDP for Apigee Edge.

This describes how to do the latter - to set up the SAML relationship.

https://docs.apigee.com/private-cloud/v4.18.01/configure-your-saml-idp

You'll have to consult the documentation for your identity provider to figure out how to set up MFA for that provider.

Bonus: it also will give you SSO!

View solution in original post

2 REPLIES 2

Yes, sort of.

If you use the "built in" authentication for the Apigee Edge on-premises ("Customer managed") software, there is no MFA.

The way to get MFA is to use a proper external Identity Provider, Okta or Active Directory Federation Services, etc. Set up MFA there. and then configure that IdP to act as a SAML IDP for Apigee Edge.

This describes how to do the latter - to set up the SAML relationship.

https://docs.apigee.com/private-cloud/v4.18.01/configure-your-saml-idp

You'll have to consult the documentation for your identity provider to figure out how to set up MFA for that provider.

Bonus: it also will give you SSO!

Thanks @Dino-at-Google !