How can we configure the OAuth for the protection of endpoints exposed by AwareIM? There is only a checkbox and nothing more.
Second question, is it possible to use basic authentication or any other method?
I assume basic auth is impossible because we cannot read the header parameters from the request.
Also, there are no functions for a token (e.g. JWT) generation, decoding, encoding. Same for base64 - no option to encode and decode string without a java plugin.
Am I missing something? Is OAuth 2.0 the only way to secure API endpoints if we want to avoid non-standard methods like a plain string that is verified in a process?
Securing exposed REST API
-
- Posts: 7532
- Joined: Sun Apr 24, 2005 12:36 am
- Contact:
Re: Securing exposed REST API
OAuth is the only option to secure your services.
There is a document that explains what needs to be done. Please send us an email and we will send the document to you.
There is a document that explains what needs to be done. Please send us an email and we will send the document to you.
Aware IM Support Team
Re: Securing exposed REST API
Hi Support, Is the document not available for public?aware_support wrote: ↑Thu Mar 18, 2021 4:04 am There is a document that explains what needs to be done. Please send us an email and we will send the document to you.
Regards,
Suwandy
-----------------
Kisaran - Indonesia
Suwandy
-----------------
Kisaran - Indonesia
-
- Posts: 7532
- Joined: Sun Apr 24, 2005 12:36 am
- Contact:
Re: Securing exposed REST API
It is not currently in the public domain - we email it upon request.
Aware IM Support Team