API Connect

 View Only
  • 1.  Adding users to APIC via LDAP groups

    IBM Champion
    Posted Tue September 22, 2020 10:40 AM
    Hi all,

    Hope everybody is doing oké! 

    Is there a possibility to provide users access to APIC (mainly manager) via LDAP groups. It would be nice that all users beloning to a specific LDAP group automatically receive access to the API Manager. This would reduce manual configuration. 

    Thanks,

    Dirk

    ------------------------------
    Dirk Maes
    ------------------------------


  • 2.  RE: Adding users to APIC via LDAP groups

    IBM Champion
    Posted Tue September 22, 2020 12:41 PM
    Please refer the IBM Documentation. 









  • 3.  RE: Adding users to APIC via LDAP groups

    IBM Champion
    Posted Wed September 23, 2020 02:41 AM
    Hi Chander,

    I believe that the documentation your refers to highlights how to setup an LDAP server as user repository. That is indeed possible and documented and we have configured this many times. However, once you have your LDAP configured, you still need to add each user manually (or via the platform API's) to the API Manager and assign the correct role inside APIM. My question is if it is not possible to assign certain LDAP groups to specific roles inside APIC. This would avoid that each user needs to be added and assigned a specific role. It would also ensure that when somebody leaves the team and his access gets updated in LDAP this would immediately remove the user access in APIC as well. 

    Regards, 

    Dirk

    ------------------------------
    Dirk Maes
    ------------------------------



  • 4.  RE: Adding users to APIC via LDAP groups

    Posted Fri February 12, 2021 12:50 AM
    Edited by Paul Bradley Fri February 12, 2021 09:34 AM
    Hi Dirk,

    we're facing the same problem. Even though you can search LDAP Groups and grant them access it is somehow not possible for members of this LDAP group to get access to the catalog. Did you find a solution for this in the meantime?

    Best Regards,

    Christian

    ------------------------------
    Christian Eickhoff
    ------------------------------



  • 5.  RE: Adding users to APIC via LDAP groups

    IBM Champion
    Posted Fri February 12, 2021 11:01 AM
    Edited by Dirk Maes Fri February 12, 2021 11:01 AM
    Christian,

    No solution for now. Didn't check yet on v10. 

    Regards,

    ------------------------------
    Dirk Maes
    ------------------------------



  • 6.  RE: Adding users to APIC via LDAP groups

    Posted Mon May 17, 2021 04:07 PM

    Dirk,

    LDAP group support is 10.0.2.0, it should satisfy what you ask above.

    See https://www.ibm.com/docs/en/api-connect/10.0.x?topic=overview-whats-new-in-latest-release-version-10020



    ------------------------------
    Shiu Poon
    Security Architect
    IBM
    Littleton MA
    ------------------------------



  • 7.  RE: Adding users to APIC via LDAP groups

    IBM Champion
    Posted Tue May 18, 2021 01:57 AM
    Hi Shiu Poon,

    Indeed! Thanks for point this out. I will test it, just to be sure ;-)

    Dirk

    ------------------------------
    Dirk Maes
    ------------------------------



  • 8.  RE: Adding users to APIC via LDAP groups

    Posted Mon June 14, 2021 04:54 PM
    Thanks Shiu Poon for pointing it out. 
    I am moving from version 5 to version 10..so, It really makes me confuse.

    ------------------------------
    Austin Smith
    ------------------------------