Integrated Developer Portal User Management B2B and B2C Scenarios

hi

Integrated Portal provides Single-Sign-On (SAML/SSO) as well as Built-in-provider.

Take IDP as Azure AD here (Since, We have already used Azure AD as SSO for Apigee Edge)

Built In provider and SAML/SSO can be used together.

This implies some users will be created in Apigee Edge (when users sign up as developers in Integrated Portal) where as some users will be maintained in Identity Provider i.e Azure AD here.

For B2B and B2C scenarios how this should be handled.

Assuming we have a B2B then a business/partner with our organization may have many employees and they signing up and creating account in Apigee-Integrated Portal is cumbersome and extra overhead. Both for the partner-employees and well as us being API service provider managing their identities.

For B2C it may make still be Ok to allow self-signup though here too it is still an extra overhead for a developer to maintain his new user credentials where he could have used his github/gmail other credentials.

In what scenarios then Built-In-Provider makes sense.

Does such use-case calls for use of Identity Providers such as Okta (that could integrate identity from multiple providers) or Azure AD can also fit the bill here.

Since we used Azure AD as Apigee Edge SSO can we still switch to Okta for Integrated Portal (rather have Okta interact with Azure AD if need be for authentication)

Please share your thoughts how is it being managed in other enterprise API programs.

thanks,

Aakash