Package: Invicti AppSec Core (on-demand)
Apigee API Hub
Invicti AppSec Core can connect to Apigee API Hub via OAuth 2.0 to automatically import Swagger 2 and OpenAPI 3 specifications into your API catalog.
This document explains how to set up the OAuth consent screen and credentials in Google Cloud, and configure the Apigee API Hub source in Invicti AppSec Core.
Why this matters
Apigee API Hub is your organization's source of truth for API specifications. Connecting it to Invicti AppSec Core means those specifications are automatically imported into your API catalog, so your security scanning stays aligned with what's actually published and maintained by your API teams.
Only Swagger 2 and OpenAPI 3 specifications are imported. The Apigee API proxy format isn't supported.
Prerequisites
Before you begin, make sure you have:
- A Google Cloud Platform account
- Permission to configure OAuth 2.0 in Google Cloud Platform
- Access to Apigee API Hub
Step 1: Create the OAuth consent screen
- In the Google Cloud Console, go to APIs & Services > OAuth consent screen.
- Select the user type (Internal or External) and click Create.
- Fill in the app name, support email, and developer contact information.
- Optionally add a logo and links.
- Define the required OAuth scopes.
- Add test users if using the External user type.
- Save and continue.
Step 2: Create OAuth 2.0 credentials
- Go to APIs & Services > Credentials.
- Click + Create credentials and select OAuth client ID.
- Set the application type and enter a name.
- Add the authorized redirect URIs for your Invicti AppSec Core instance.
- Click Create and note the Client ID and Client Secret.
Step 3: Enable required APIs
In Google Cloud Platform, enable the following APIs for your project:
- IAM API
- Cloud Resource Manager API
- Apigee API
Step 4: Collect credentials
From the Google Cloud Console, copy the following values:
- Client ID and Client Secret - from your OAuth 2.0 credentials
- Project ID - from the project selector at the top of the console
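An added example, not part of Invicti's documentation: a Python check of the OAuth client JSON file that Google Cloud offers for download on the Credentials page. It pulls out the three values listed in Step 4 and flags authorized redirect URIs from Step 2 that are not HTTPS or do not point at your instance. The host `invicti.example.com`, the callback path, and every sample value are constructed placeholders.

```python
import json
from urllib.parse import urlsplit

# Constructed sample in the layout of the downloadable OAuth client JSON;
# every value below is a placeholder, not a real credential.
SAMPLE_CLIENT_JSON = json.dumps({
    "web": {
        "client_id": "000000000000-example.apps.googleusercontent.com",
        "project_id": "example-project",
        "client_secret": "PLACEHOLDER-SECRET",
        "redirect_uris": [
            "https://invicti.example.com/oauth/callback",
            "http://invicti.example.com/oauth/callback",
            "https://other.example.net/callback",
        ],
    }
})


def review_oauth_client(raw_json, expected_host):
    """Return (Step 4 values, redirect URI findings) for one OAuth client file."""
    doc = json.loads(raw_json)
    # The top-level key depends on the application type chosen in Step 2.
    client = doc.get("web") or doc.get("installed")
    if client is None:
        raise ValueError("no 'web' or 'installed' OAuth client in file")
    values = {
        "client_id": client["client_id"],
        "client_secret": client["client_secret"],
        "project_id": client["project_id"],
    }
    redirect_uris = client.get("redirect_uris", [])
    findings = []
    if not redirect_uris:
        findings.append(("", "no redirect URI registered"))
    for uri in redirect_uris:
        parts = urlsplit(uri)
        if parts.scheme != "https":
            findings.append((uri, "not https"))
        elif parts.hostname != expected_host:
            findings.append((uri, "unexpected host"))
    return values, findings


if __name__ == "__main__":
    values, findings = review_oauth_client(SAMPLE_CLIENT_JSON, "invicti.example.com")
    print("Project ID:", values["project_id"])  # the secret is never printed
    for uri, reason in findings:
        print("review:", uri, "-", reason)
```

Remove any flagged URI that you don't recognize from the OAuth client before entering the credentials in Step 5.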
Step 5: Configure Apigee API Hub in Invicti AppSec Core
- Select Discovery > API sources from the left-side menu.
- Click Add source.
- Select the Apigee API Hub source type card.
- Click Continue.
- Enter the Client ID, Client Secret, and Project IDs.
- Click Authenticate and save, then sign in with your Google Account when prompted.
Step 6: Synchronize
To run an immediate sync, click the sync icon next to the source on the API sources page.
Invicti AppSec Core automatically synchronizes with Apigee API Hub every 24 hours. You can turn off auto-sync using the toggle on the source.
Need help?
The Invicti Support team is ready to provide you with technical help. Go to the Help Center.