API Proxy - Redirect to a web application

Report Inappropriate Content · 07-28-2015 07:22 AM

I have a web portal that will use API Proxy to connect to the back end services. The web portal uses sso to do user authentication and sso returns back user id and other information in headers (using redirection). I want the sso to redirect to the API proxy rather than directly to the web application.

Based on the above scenario, I have following queries:

1. Is it possible for API Proxy to redirect the user back to the web application once the sso validates the user credentials and redirects to API proxy?

2. Is it possible to do http session management at API proxy layer?

Please help!!

Report Inappropriate Content

Typically we recommend you NOT use the API tier for flow control/redirects. This is typically achieved in the client tier as the behavior/mechanism for redirects will vary by platform. i.e. if you returned a 203 to a browser from the API tier then the browser would dutifully follow the redirect. A mobile client would require specific logic to read the status code and adjust the flow.

The same is true for session management. Your clients will manage session state rather than the Apigee.

Though tempting, try not to think of Edge as your classic application server. Your web server, your CMS, your clients are responsible for functions such as flow control, and session management.

Report Inappropriate Content

Thanks for the details David. Just wanted to know if in case I have to return a redirect from API Proxy, which policy needs to be applied? Is there a sample policy / proxy that you can point me to?