You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: modules/ROOT/pages/configure-multiple-credential-providers.adoc
+5-8Lines changed: 5 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -6,7 +6,7 @@ endif::[]
6
6
7
7
You can use multiple client providers, to help you enforce security and regulations in your business organization. These client providers, such as, OpenAM and PingFederate, enable you to secure your operational data, such as client credentials and access tokens.
8
8
9
-
You can use an Anypoint Platform native client provider (default) or configure an external client provider. To assign separate client providers for different organizations and environments, you must first enable client applications to be authorized using OAuth for the client providers that you want to implement in your organization.
9
+
You can use an Anypoint Platform native client provider (default), configure an external client provider, or use both the Anypoint Platform native client provider with the external client provider. To assign separate client providers for different organizations and environments, you must first enable client applications to be authorized using OAuth for the client providers that you want to implement in your organization.
10
10
11
11
API Manager 2.2.14 introduces multiple client identity provider (IdP) support, enabling your environment to use either the default Anypoint Platform native client IdP or one or more external client IdPs.
12
12
@@ -55,6 +55,8 @@ To secure your APIs, create one external client provider per environment. Assign
55
55
56
56
Avoid using the same IdP in production and nonproduction environments. You can use the same IdP in multiple production environments or in multiple nonproduction environments.
57
57
58
+
If you configure multiple client providers, both the native Anypoint Platform client provider and any external client providers can be used in the same environment.
59
+
58
60
Before implementing multiple client providers, see the <<guidelines,guidelines>>.
59
61
60
62
[[guidelines]]
@@ -73,18 +75,13 @@ You can then reassign the appropriate external client provider for that API.
73
75
+
74
76
** Existing APIs in that environment continue to use the native Anypoint Platform client provider.
75
77
** New APIs use the new external IdP.
76
-
* You can use either the default native Anypoint Platform client provider or one or more external client providers.
78
+
* You can use either the default native Anypoint Platform client provider and one or more external client providers.
77
79
+
78
-
After you assign an external client provider to an API, you can return to using the default native Anypoint Platform client provider by removing every provider from the environment in which the API belongs.
80
+
There is no need to disable an external provider to use the native Anypoint Platform provider.
79
81
* If you remove a client provider from an environment, all existing APIs and client applications using that client provider continue to work.
80
82
* If you delete a client provider from the root organization, all existing APIs and client applications using that client provider default to the native Anypoint Platform client provider.
81
83
+
82
84
Even though contracts remain intact, policies that authorize against that provider fail because the configuration is deleted.
83
-
* An API created in an environment with an assigned external client provider always uses the external client provider, not the native Anypoint Platform client provider. The following describes one workaround:
84
-
+
85
-
. Disable the external client provider for that environment.
86
-
. Create an API that uses the native Anypoint Platform client provider.
87
-
. Re-enable the external client provider.
88
85
89
86
== Tasks for Implementing Multiple Client Providers Based on Roles
Copy file name to clipboardExpand all lines: modules/ROOT/pages/create-instance-task-service-mesh.adoc
+1Lines changed: 1 addition & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -3,6 +3,7 @@ ifndef::env-site,env-github[]
3
3
include::_attributes.adoc[]
4
4
endif::[]
5
5
:product: service-mesh
6
+
:page-notice-banner-message: This product is scheduled for <a href="https://help.mulesoft.com/s/article/MuleSoft-Product-Feature-Retirements" target="_blank" rel="noopener">End of Life</a>. To integrate your micro services with Anypoint Platform, use Flex Gateway. For more information, see <a href="https://docs.mulesoft.com/gateway/latest/flex-gateway-istio">Integrating Flex Gateway with Istio Service Mesh</a>
0 commit comments