Layer7 API Management

Hello,

Is there any way to let users log in to the portal using their AD account (for an internally used portal) or something like a google account (for a public portal) ?

Regards,

Yannick

Hello Yannick,

There is a way to integrate the portal with an AD environment. You can find more information about it here:

Integrate LDAP Servers with the API Portal - CA API Developer Portal - 3.1 - CA Wiki

and here:

Set Up the Authentication and Management Service - CA API Developer Portal - 3.1 - CA Wiki

Note those links are for version 3.1 only. If you are using an older version then let me know which one and I can provide you links to the appropriate documents from the API Management Support Portal's Downloads section.

Also, I do not think we provide social login functionality (Google, Facebook, etc) for the API Developer Portal.

Kind regards,

George Kaniouris

Hello Yannick,

Let me reiterate my last statement.

I do not think we provide social login functionality out of the box, for the Portal.

It might be possible to implement something similar through a Professional Services engagement.

I hope you find this information useful.

Kind regards,

George Kaniouris

Hi,

Thank you for the link to the ldap integration ! I was indeed talking about out-of-the-box functionality. I can imagine that with a custom login page for the portal it's possible to link social media to the real portal logins, but that is out of scope of my proof-of-concept.

Kind regards,

Yannick Geerts

Yannick,

I've recently worked with a client here in the states to solve a very similar problem. One other thing you might consider here is an SSO integration with the portal. It is an out-of-the-box feature set to be able to authenticate users through a SAML SSO provider. So if you are able to have a SAML provider front your social login (or any login source at that point), this could bridge the gap for your PoC.

Best of luck!

- Chase Fryer

Hi Chase,

I was thinking in the same direction to solve this! I ended up not using ldap but the saml sso integration for our AD, so I know how to set that up. Did you develop a custom saml provider to solve your issues or something from the market ? A quick google search lead me to auth0, which seems to be something that can bridge this gap. I'm interested in what you ended up using !

Kind regards,

Yannick

Yannick,

Glad to hear the commonality in thought/direction! For the scenario I was talking about, we recommended they use SiteMinder, CA's SSO & IAM (Identity Access/Mgmt) tool. It's a great solution for their problem b/c of the maturity model they could grow into using this tool. They could just use it for SAML/SSO to satisfy their current project need (they had a proprietary user store to integrate with) and then as their use cases matured they could extend the use of SiteMinder into full IAM for this external user base down the road.

For what it's worth, we've done SSO/IAM product evaluations in the past, ironically driven by API strategy engagements. And before we were even affiliated with CA as a solution provider partner, SiteMinder held the #1 spot in our recommendation.

To answer the other part of your question, we're a .NET shop and we've also implemented a somewhat custom saml provider for a group that needed a quick (ie. short-term) answer and didn't want to pay for a boxed SSO solution until the following fiscal year. For that project, we ended up using Thinktecture's open source Identity Server solution (a framework that plugs into .NET) which gave us a big head start on all the identity server functionality that we could then just customize from there.

- Chase Fryer

Chase,

Thanks for sharing the experience ! I'll definitely take a look at CA Single Sign On (former Siteminder) the next time I have to do something similar for a customer. For this PoC however I think I'll stick to trying out Auth0, the more I read their docs, the more it seems like an easy job to do. Other advantages are totally no setup work and free full featured usage for development work, just what I need for a PoC

Cheers,

Yannick

Yannick,

That's great insight on Auth0 as well. Thanks for the info and good luck!

- Chase