
Apigee Edge Proxy authentication - MS Entra

We are an Apigee Edge enterprise customer. Most of the proxies that we published on Apigee Edge use OAuth 2.0 authentication between the consumer & Apigee proxy.

Consumer (system)[1] <-> Apigee[2] <-> Target endpoint[3].

  • We provided the client ID and secret from Apigee[2] (used as authorization server) to the consumer[1]. Consumers[1] generate the access token before calling the Apigee proxy[2].
  • If the access key is valid, the Apigee proxy[2] uses API key authentication while connecting to the Target endpoint[3].

There is a new use case where the consumer[1] doesn’t want to use Apigee[2] as an authorization server. Instead, they want to use Microsoft Entra.

The team will provide the Application identity (principal) to the Apigee proxy[2]; we need to validate the identity (access token) of the consumer[1]. If it is valid, Apigee should make a call to the Target endpoint[3].

Can anyone please provide some guidance on how to implement the above? @dchiesa1 Thanks in advance.

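One way to express the validation asked about above, as an added example that is not part of the original post or of any reply in the thread: an Apigee VerifyJWT policy that checks an Entra-issued access token's signature, issuer, audience and calling application. `TENANT_ID`, `API_AUDIENCE` and `CONSUMER_CLIENT_ID` are placeholders, and the v2.0 issuer format and `azp` claim are assumptions (v1.0 tokens carry an `https://sts.windows.net/TENANT_ID/` issuer and an `appid` claim instead).

```xml
<!-- Added example (assumed names and placeholders, not the poster's configuration).
     Attach in the proxy request flow, before the existing API-key call to the target. -->
<VerifyJWT name="VerifyJWT-Entra">
  <!-- Pin the algorithm so tokens signed with any other algorithm are rejected. -->
  <Algorithm>RS256</Algorithm>

  <!-- No <Source> element: the policy then reads the token from the
       Authorization request header, which must carry the "Bearer " prefix. -->

  <!-- Signature check against the tenant's published signing keys (JWKS).
       TENANT_ID is a placeholder for the Entra tenant GUID. -->
  <PublicKey>
    <JWKS uri="https://login.microsoftonline.com/TENANT_ID/discovery/v2.0/keys"/>
  </PublicKey>

  <!-- Accept tokens from this tenant only (v2.0 issuer format assumed). -->
  <Issuer>https://login.microsoftonline.com/TENANT_ID/v2.0</Issuer>

  <!-- Accept only tokens minted for this API. API_AUDIENCE is a placeholder
       for the aud value Entra issues for the API's app registration. -->
  <Audience>API_AUDIENCE</Audience>

  <!-- Bind the token to the application identity supplied by the consumer team.
       CONSUMER_CLIENT_ID is a placeholder for that application's client ID. -->
  <AdditionalClaims>
    <Claim name="azp">CONSUMER_CLIENT_ID</Claim>
  </AdditionalClaims>

  <!-- exp and nbf are checked by the policy itself; no extra element is needed. -->
</VerifyJWT>
```

When verification fails the policy raises a fault, so the existing API-key call to the Target endpoint is reached only for tokens that pass every check.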