
Get answers, ideas, and support from the Apigee Community

Question by Rakesh Yeddula Venkata · Feb 05, 2020 at 10:41 PM · 59 Views · Tags: oauth 2.0, cache, proxy configuration, access token, extensions

OAuth call from Apigee to the backend service that issues access token

Hi,

We had an unsecured SFDC API which we have secured using Apigee. We have built a 2-legged OAuth proxy for the client to get the access token from the authorization server, and then a proxy for this SFDC API which issues a proper response after the client access token has been verified. We have bundled the 2-legged OAuth proxy and the SFDC proxy into a product. Everything here works securely as expected with Apigee; however, the back-end SFDC API is still accessible if we call the API with the direct URL. In order to eliminate users directly accessing the SFDC API, we are trying to implement OAuth authentication at SFDC. So with this implementation the desired flow is that, after the first leg of authentication within Apigee, it should call the SFDC OAuth endpoint by passing the client credentials and username/password, and the SFDC OAuth endpoint will validate the request and issue an access token. We will then use this access token issued by the SFDC OAuth endpoint and make a call to the SFDC back-end API (Apigee Proxy) by passing the access token within the header to access the information. I have the following questions regarding the implementation:

1) SFDC doesn't store the access tokens issued in its cache. It will just issue an access token and the time it was issued, and at Apigee we should store this token in its cache and re-use it for subsequent calls, and when the access token is expired we should make a call again to the SFDC OAuth endpoint to issue an access token.

2) Can we implement this using extensions provided by Apigee? If so, could you please direct me on how to implement it?

3) Instead of exchanging client credentials and username/password to get an access token, can we employ certificate-based authn to get an access token from the SFDC endpoint?

I am looking for any suggestions on how to implement this and the best way to implement this. Could anyone please help me?

Thanks,
Rakesh
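
The caching behaviour described in question 1, modelled as an added example (not code from the post or from Apigee): a token is cached with a lifetime derived from its issue time, reused until that lifetime ends, and refetched after expiry or an explicit invalidation. The function names, the `access_token`/`issued_at` response field names and the configured lifetime are assumptions; `fetchToken` stands in for the call to the SFDC OAuth endpoint.

```javascript
// Added example; every name here is hypothetical.
// fetchToken() stands in for the call to the SFDC OAuth endpoint and
// returns the parsed JSON response (assumed fields: access_token, issued_at).
function createTokenCache(fetchToken, opts) {
  const ttlMs = opts.ttlMs;          // assumed lifetime: the response carries no expiry
  const skewMs = opts.skewMs || 0;   // refresh this long before the assumed expiry
  const now = opts.now || Date.now;  // injectable clock, used by the demo below
  let entry = null;                  // { token, expiresAt } or null

  function refresh() {
    const res = fetchToken();
    const issuedAt = Number(res && res.issued_at);
    const tokenOk = !!res && typeof res.access_token === 'string' && res.access_token !== '';
    if (!tokenOk || !Number.isFinite(issuedAt) || issuedAt <= 0) {
      entry = null;                  // never cache a malformed response
      throw new Error('malformed token response');
    }
    entry = { token: res.access_token, expiresAt: issuedAt + ttlMs - skewMs };
    return entry.token;
  }

  return {
    // Cached token while it is inside its lifetime, otherwise a new one.
    getToken() {
      return entry !== null && now() < entry.expiresAt ? entry.token : refresh();
    },
    // Call when the backend rejects the token (e.g. HTTP 401) before the
    // assumed lifetime is over, so the next getToken() fetches a new one.
    invalidate() { entry = null; },
  };
}

// Constructed demo: a fake token endpoint and a fake clock.
function demo() {
  let clock = 1000000, calls = 0;
  const fakeEndpoint = () => ({ access_token: 'tok-' + (++calls), issued_at: String(clock) });
  const cache = createTokenCache(fakeEndpoint, { ttlMs: 60000, skewMs: 5000, now: () => clock });
  const seen = [cache.getToken(), cache.getToken()]; // miss, then hit
  clock += 55000;                                    // reaches expiry minus skew
  seen.push(cache.getToken());                       // refetch
  cache.invalidate();                                // simulate a 401 from the backend
  seen.push(cache.getToken());                       // refetch
  return { seen, calls };
}
```

The cached token and the credentials used to obtain it are secrets: keep them out of logs and trace output, and set the assumed lifetime no longer than the session timeout configured on the issuing side.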


0 Answers
