Hey,
I am trying to build an API proxy (REST - SOAP - REST) on top of Informatica MDM SIF web services.
https://kb.informatica.com/proddocs/Product%20Documentation/4/MDM_901_DB2_SIF_Guide.pdf
The proxy itself is generated quite fine, but when it comes to the security model, I want to have one layer on the Apigee side (OAuth 2.0 client credentials) and at the same time align a particular API client to the actual underlying SIF account.
I mean, Informatica MDM Hub has its own User Access Management system, and you can create new accounts/permissions there. As a result, you need to bypass username/password as a request payload. So the idea is not to hardcode it in the proxy, but instead keep it as a variable in Apigee and attach it via a Policy (?) based on the API client.
<urn:searchQuery>
   <!--Optional:-->
   <urn:username>test</urn:username>
   <!--Optional:-->
   <urn:password>
      <urn:password>mypass</urn:password>
      <urn:encrypted>false</urn:encrypted>
   </urn:password>
So, do you have any best practices/guidelines on how to achieve this scenario and ensure this bypassing model?
Thank you!
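
One way to wire up the per-client mapping described in the post, as an added example that is not part of the original post or of Informatica's or Apigee's own samples. The policy names, the KVM name `sif-credentials`, its key layout and the `urn:PLACEHOLDER` namespace are assumptions:

```xml
<!-- Added example: three Apigee policy files shown together. Policy names, the KVM
     name and the key layout are hypothetical. -->

<!-- 1. Validate the client-credentials token. On success Apigee populates the
     client_id flow variable for the calling app. -->
<OAuthV2 name="OA-Verify-Token">
  <Operation>VerifyAccessToken</Operation>
</OAuthV2>

<!-- 2. Look up the SIF account mapped to this client in an encrypted KVM.
     Entries are stored under composite keys (client id + "username"/"password").
     Variables with the private. prefix are masked in Trace/Debug sessions. -->
<KeyValueMapOperations name="KVM-Get-SIF-Account" mapIdentifier="sif-credentials">
  <Scope>environment</Scope>
  <ExpiryTimeInSecs>300</ExpiryTimeInSecs>
  <Get assignTo="private.sif.username">
    <Key><Parameter ref="client_id"/><Parameter>username</Parameter></Key>
  </Get>
  <Get assignTo="private.sif.password">
    <Key><Parameter ref="client_id"/><Parameter>password</Parameter></Key>
  </Get>
</KeyValueMapOperations>

<!-- 3. Build the SOAP request with the looked-up account, so no credential is
     hardcoded in the proxy bundle or supplied by the API client. -->
<AssignMessage name="AM-Build-SIF-Request">
  <AssignTo createNew="false" type="request"/>
  <Set>
    <Payload contentType="text/xml">
      <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
                        xmlns:urn="urn:PLACEHOLDER">
        <soapenv:Body>
          <urn:searchQuery>
            <urn:username>{private.sif.username}</urn:username>
            <urn:password>
              <urn:password>{private.sif.password}</urn:password>
              <urn:encrypted>false</urn:encrypted>
            </urn:password>
            <!-- remaining searchQuery elements, mapped from the REST request -->
          </urn:searchQuery>
        </soapenv:Body>
      </soapenv:Envelope>
    </Payload>
  </Set>
</AssignMessage>
```

With `encrypted` set to `false` the password travels in clear text inside the SOAP body, so the target connection to the MDM Hub needs TLS. Stored credential values that contain XML metacharacters such as `&` or `<` must be escaped before they are placed in the payload.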