The process for installing and configuring external IDP support on Apigee Edge for Private Cloud requires that you perform some tasks on your IDP and some on Edge. The general process is:

- Install Edge: Ensure that your installation is working properly before continuing.
- Configure your IDP; you can choose from one of the following:
- Install and configure Edge SSO: Configuring the Apigee SSO module enables SAML or LDAP on the Edge management API. As part of configuring this module, you can optionally enable TLS access.
- Enable your external IDP for the Edge UI.
- Register new Edge users: For each user in the IDP that corresponds to an Edge user, create an Edge user account and assign that user a role in an Edge organization. The Edge user must have the same email address as is stored for the user in the IDP.
- (Optional) Enable HTTPS: Configure the Apigee SSO module to use HTTPS instead of HTTP (the default).
- (Optional) Disable Basic authentication: After you have confirmed that your external IDP is working, you can disable Basic authentication to ensure your environment is secure.

In addition, the following tasks are optional, depending on your environment: