Send Docs Feedback

Onboard an organization

Edge for Private Cloud v. 4.16.09

Use the setup-org command to perform the onboarding process. You must run the command on the Management Server node.

As part of the onboarding process, the script:

  • Creates the organization.
  • Sets the specified user as the organization admin.
    • This user must be different from the sys admin user. That is, do not use the sys admin user as an org admin user.
    • You can specify an existing user for the organization admin, or configure the script to create a new user.  
  • Associates the organization with a pod, by default is associates it with the "gateway" pod.
  • Create an environment.
  • Create a virtual host for the environment.
  • Associate the environment with all Message Processor(s).
  • Enables analytics.

You cannot create two organizations with the same name. In that case, the second create will fail 

Configuration file for onboarding

Pass a configuration file to the setup-org command. Invoke the setup-org command and specify the -f option, including the path to the silent configuration file:

> /opt/apigee/apigee-service/bin/apigee-service apigee-provision setup-org -f configFile

The only requirement on silent installations is that the configuration file must be accessible or readable by the "apigee" user.  

Shown below is an example silent configuration file. Edit it as necessary for your requirements:


# Specify the IP or DNS name of the Management Server.

# Specify the Edge sys admin credentials.
APIGEE_ADMINPW=adminPassword     # If omitted, you are prompted for it.

# Specify organization name.
ORG_NAME=myorg  # lowercase only, no spaces, underscores, or periods.

# Specify the organization administrator user.
# Either specify an existing user, or specify the information
# necessary to create a new user.
# Do not use the sys admin as the organization administrator.
# Create a new user for the organization administrator. 
# New user information if NEW_USER="y".
# Or, specify an existing user as the organization admin,
# NEW_USER="n"

# Specify environment name. 

# Specify virtual host information.

# If you have a DNS entry for the virtual host.

# If you do not have a DNS entry for the virtual host, 
# specify the IP and port of each router as a space-separated list:
# VHOST_ALIAS="firstRouterIP:9001 secondRouterIP:9001" 

# Optionally configure TLS/SSL for virtual host.
# VHOST_SSL=y     # Set to "y" to enable TLS/SSL on the virtual host.
# KEYSTORE_JAR=   # JAR file containing the cert and private key.
# KEYSTORE_NAME=  # Name of the keystore. 
# KEYSTORE_ALIAS= # The key alias.
# KEY_PASSWORD=   # The key password, if it has one. 

# Specify the analytics group. 
# AXGROUP=axgroup-001 # Default name is axgroup-001.


  • For VHOST_ALIAS, if you already have a DNS record that you will use to access to the virtual host, specify the host alias and optionally the port, for example, “”. 

    If you do not yet have a DNS record, see Setting up a virtual host for more information.
  • For TLS/SSL configuration, see Keystores and Truststores and Configuring TLS access to an API for the Private Cloud for more information on creating the JAR file, and other aspects of configuring TLS/SSL.


  1. Install apigee-provision on the Management Server node:
    > /opt/apigee/apigee-service/bin/apigee-service apigee-provision install
  2. Run the command on the Management Server node:
    > /opt/apigee/apigee-service/bin/apigee-service apigee-provision setup-org -f configFile

    The configuration file must be accessible or readable by the "apigee" user. 

Onboarding Verification 

On completion of onboarding, verify the status of the system by issuing the following CURL commands on the  Management Server node.  

  1. Check for user and organization status on the Management Server by issuing the following CURL commands:
    > curl -u <adminEmail>:<admin passwd> http://localhost:8080/v1/users
    > curl -u <adminEmail>:<admin passwd> http://localhost:8080/v1/organizations
    > curl -u <adminEmail>:<admin passwd> http://localhost:8080/v1/organizations/<orgname>/deployments
  2. If you enabled analytics, then use this command:
    > curl -u <adminEmail>:<admin passwd> http://localhost:8080/v1/organizations/<orgname>/environments/<envname>/provisioning/axstatus
  3. You can also check the PostgreSQL database status by running the following command on Machine 2 to start psql:
    > psql -h /opt/apigee/var/run/apigee-postgresql -U apigee apigee

    At the command prompt, enter the following command to view the analytics table for your organization:
    apigee=# : \d analytics."<orgname>.prod.fact"

    Use the following command to exit psql:
    apigee=# \q
  4. Access the Apigee Edge user interface using a web browser. Remember that you already noted the management console URL at the end of the installation.
    1. Launch your preferred browser and enter the URL of the Edge UI. It looks similar to the following, where the IP address is for Machine 1, or for whichever machine you installed the UI on for alternative configurations:

      9000 is the port number used by the UI. If you are starting the browser directly on the server hosting the Edge UI, then you can use a URL in the form:

      Note: Ensure that port 9000 is open.
    2. On the console login page, specify the Apigee system admin username/password.
      Note: This is the global system administrator password that you have set during the installation. Alternately, you can:
  5. Sign up for a new Apigee user account and use the new user credential to login.
    1. Click Sign In, the browser redirects to:<orgname>/ 

      and opens a dashboard which allows you to configure the organization created before (if logged in using Apigee admin credentials).
    2. If you are new to Edge, you can now create your first API proxy. For more information, see the following tutorials:

      Also see the sections on samples, including Samples list, and the mock target RESTful APIs that you can use in your own API-building experiments at Mock Target API.

Help or comments?