This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Management API Basic Authorization

Posted on 09-23-2020 07:27 AM
pdouglas
Bronze 5
Bronze 5
Reply posted on --/--/---- --:-- AM

Is the Basic Authorization header the only security on the Management APIs? We are aiming to script some of the API functionality (for creating developer apps, users) on our developer portal for some specific needs. Considering that encoding the Apigee username/password is all that is required to create the header and call these APIs, we are considering adding a convenience proxy layer to these to enhance the security. Are we on the right track or is there a better path for tightening security on these? Thank you!

0 1 193
Topic Labels
0 Likes
1 REPLY 1

Posted on --/--/---- --:-- AM
Not applicable
Reply posted on --/--/---- --:-- AM

Calling management API inside a proxy is an antipattern in Apigee.

You can try below

ref: https://docs.apigee.com/private-cloud/v4.18.01/using-saml-edge-management-api

0 Likes