Apigee Connect

You can connect to a Google Cloud Platform (GCP) instance using the Apigee Connect action. The GCP manages access to your Apigee instance.

Prerequisites

Note: The examples and graphics provided on this page are for representation purposes only and may not accurately reflect your specific instance. We do not assume responsibility for their maintenance or accuracy.
  • Create a GCP account (GCP Cloud) and create a GCloud project.
  • Login to your GCloud account at Google Cloud Project and create a project. If you already have access to a project, you will see your project here.
  • Create an OAuth 2.0 Client ID. A client ID is used to identify a single application to Google's OAuth Servers. For more details, see Apigee Connect.

You can connect to an Apigee instance using the Apigee Connect action from Automation 360.

You can use different connection methods to connect to Apigee:
  • User Account: Use this connection method by providing the GCloud account credentials. The GCloud account is required to establish a connection.
  • Service Account: Use this connection method by providing the GCloud service account key. This method uses the certificate to authenticate between servers rather than user credentials. To create a service account key, see Creating a service account.
  • Control room OAuth connection: Use this connection method by creating an OAuth connection and storing it in the Control Room.

Procedure

  1. Log in to the Control Room.
  2. Create a new bot or edit an existing bot. For more details, see Create your first bot.
  3. From the Actions pane, select Apigee > Connect and place it under the Start of the bot flow.
  4. In the Authentication Type field, select the authentication method from the drop down list.
  5. To view client ID and client secret details in Apigee for User Account authentication, complete the following steps:
    1. Open the Google Cloud console.
    2. At the top-left, click Menu > APIs & Services > Credentials.
    3. Click on an application under OAuth 2.0 Client IDs that you want to connect.
      Apigee Connect to GCP
    4. Copy the values from Client ID, Client secret, and URI fields.
  6. To connect using User Account, complete the following steps:
    1. In the User Email Address field, enter the email address used to login to the GCloud account.
    2. In the Client ID field, paste the Client ID copied from the GCloud. This example uses Insecure string whereas you can use Credential or Variable options for better security.
    3. In the Client Secret field, paste the Client Secret copied from the GCloud.
    4. In the Redirect URI field, enter the redirect URI from the GCloud account.
    5. Enter Default as the session name.
    Note: You can use one of the following options to specify the User Email Address/Client ID/Client secret/ Redirect URI:
    • Credential: Enables you to use a value in the Credential Vault that contains information about the User Email Address/Client ID/Client secret/Redirect URI.
    • Variable: Enables you to use a credential variable that contains information about the User Email Address/Client ID/Client secret/Redirect URI..
    • Insecure string: Enables you to enter the User Email Address/Client ID/Client secret/Redirect URI. User Email Address/Client ID/Client secret/Redirect URI
  7. To connect using Service Account, in the Service Account Key field, enter the GCloud service account key. This example uses Insecure string whereas you can use Credential or Variable options for better security.
    Note: If you do not have access to generate and retrieve the Service Account Key, contact your Google Cloud Admin.

    Apigee service account key
  8. To configure a Control room OAuth connection in Apigee, complete the following steps:
    1. Complete step 1 to step 5 in Create OAuth connection.
    2. Open the Google Cloud console.
    3. At the top-left, click Menu > APIs & Services > Credentials.
    4. Click CREATE CREDENTIALS > OAuth client ID.
    5. Select Web application. Enter a name and add the Callback URL from Create OAuth connection as an authorized redirect URI.
    6. Click Create.
    7. Copy the client ID and client secret.
    8. Go to Create OAuth connection and complete the remaining steps to create an Oauth connection with the above details.
  9. To connect using Control room OAuth connection, pick an Apigee OAuth connection you have created and stored in the Control Room. For more details, see Configure OAuth connections in Control Room.
  10. In the Create Apigee session field, the session name is displayed as Default.