I am exposing Azure Openid connect APIs(/Authorize and /token) APIs through APIGEE
I am able to get both access token and id token but
session is not maintained between APIGEE and Azure
though user is logged in i am getting repeatedly login page instead of getting token directly
but when i call azure APIs directly session is maintained,
Solved! Go to Solution.
you should store session id in the apigee cache for X mins (as per your need). And in the next call check if the session id is already exists if not then hit the call to get new one.
you should store session id in the apigee cache for X mins (as per your need). And in the next call check if the session id is already exists if not then hit the call to get new one.
I am not getting the session id instead it is managed by cookies
the cookies are stored as different domain
could you please share the documentation link of azure you are reffering. I am pretty sure as all ODIC sends back some token which can be treated as a session id for next call.
access_token and refresh_token is something you should store in the cache and don't hit the authorise endpoint if you already have access token.
Apigee support third party OAuth token so if you integrate that in apigee way the maintenance of the token would be eaiser to maintain. Read more information here - https://docs.apigee.com/api-platform/security/oauth/use-third-party-oauth-system
Note - there is a concept of ExternalAuthorization, which has to be true in your case, and store external token in ExternalAccessToken apigee stores it against your apigee oauth token.
User | Count |
---|---|
2 | |
1 | |
1 | |
1 | |
1 |