Solved: Integration of APIGEE with Azure Open id connect p...

manjunathabr · 07-15-2019 07:20 AM

I am exposing Azure Openid connect APIs(/Authorize and /token) APIs through APIGEE

I am able to get both access token and id token but

session is not maintained between APIGEE and Azure

though user is logged in i am getting repeatedly login page instead of getting token directly

but when i call azure APIs directly session is maintained,

itravindrasingh

you should store session id in the apigee cache for X mins (as per your need). And in the next call check if the session id is already exists if not then hit the call to get new one.

View solution in original post

itravindrasingh

you should store session id in the apigee cache for X mins (as per your need). And in the next call check if the session id is already exists if not then hit the call to get new one.

manjunathabr

I am not getting the session id instead it is managed by cookies

manjunathabr

the cookies are stored as different domain

itravindrasingh

could you please share the documentation link of azure you are reffering. I am pretty sure as all ODIC sends back some token which can be treated as a session id for next call.

manjunathabr

https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/overview/ad-fs-scenarios-for-develope...

itravindrasingh

access_token and refresh_token is something you should store in the cache and don't hit the authorise endpoint if you already have access token.

itravindrasingh

Apigee support third party OAuth token so if you integrate that in apigee way the maintenance of the token would be eaiser to maintain. Read more information here - https://docs.apigee.com/api-platform/security/oauth/use-third-party-oauth-system

Note - there is a concept of ExternalAuthorization, which has to be true in your case, and store external token in ExternalAccessToken apigee stores it against your apigee oauth token.

Integration of APIGEE with Azure Open id connect provider