11436 SSO

Product Update: SAML 2.0, API Product History, API Leaderboards

Apigee Product Team
Nov 12, 2013

Today we released a scheduled update for Apigee Edge, the app, API, and analytics infrastructure used by enterprises like Walgreens, eBay, and AT&T that can be used for free at apigee.com.

Here are some of the key new features and improvements included in this update.

API Services

Authenticate and authorize using SAML 2.0 

The Security Assertion Markup Language (SAML) specification defines formats and protocols that enable applications to exchange XML-formatted information for authentication and authorization. A "security assertion" is a trusted token that describes an attribute of an app, an app user, or some other participant in a transaction. Security assertions are managed and consumed by two types of entities:

  • Identity providers: Generate security assertions on behalf of participants
  • Service providers: Validate security assertions through trusted relationships with identity providers

Apigee Edge can act as an identity provider and as a service provider. It acts as an identity provider by generating assertions and attaching them to request messages, making those assertions available for processing by backend services. It acts as a service provider by validating assertions on inbound request messages. 

Two new policies available via the user interface allow you to generate and validate SAML assertions:

  • The GenerateSAMLAssertion policy
  • The ValidateSAMLAssertion policy
Read more about SAML in the documentation:


View API Product History 

View, track, and manage the changes to API products using the audit trail accessible directly from the Edge user interface. This "history" feature helps you troubleshoot problems as well as manage API usage. You can:

  • View the operations (create, update, read, delete, deploy, undeploy) that have been performed on your APIs and API products over time.
  • See who performed each operation, when the operation was performed, the request URI, and the response code. For update operations, you can also view the request body that was as passed in the API call.
Read more about API history in the documentation:








Analytics Services

Enhanced API Dashboards with leaderboard capabilities and ability to control aggregation intervals

In our previous Apigee Edge release update we talked about our revamped dashboards. Today’s release update brings the following enhancements to the dashboards:

  • A new drop-down menu on the API program view lets you drill down even further on the selected time interval, letting you view metrics over more granular times.
  • In the API program view, the "details" view shows which API has the most traffic, least traffic, most errors, and least errors.
Read more about the enhanced dashboards in the documentation:





See the full release notes, including a list of bugs fixed in this release. As always, we look forward to your questions and comments. You can reach us on the User Forum.

We can’t wait to see what you will build with us. Sign up to get started right away.



Scaling Microservices