The process for installing and configuring SAML support on Apigee Edge for Private Cloud requires
that you perform some tasks on your SAML IDP and some on Edge. The general process is:
Install Edge: Ensure that your
installation is working properly before continuing.
Configure your SAML IDP: Requires
that you configure your IDP to use email addresses as the user ID, and specify the redirect
URL to the Edge UI which is used after a successful login.
Install and configure Edge SSO:
Configuring apigee-sso enables SAML on the Edge management API. As part of
configuring apigee-sso, you can optionally enable TLS access.
Register new Edge users: For each
user in the IDP that corresponds to an Edge user, create an Edge user account and
assign that user a role in an Edge organization. The Edge user must have the same email address
as is stored for the user in the IDP.
(Optional) Enable HTTPS: Configure the
apigee-sso module to use HTTPS instead of HTTP (the default).
(Optional) Disable Basic Authentication:
After you have confirmed SAML is working, disable Basic Authentication to ensure your
environment is secure.