Authenticating Access to a TIBCO ActiveMatrix BPM Service

You can use different methods to include authentication information when invoking a TIBCO ActiveMatrix BPM service.

At runtime, security policies are enforced on the endpoint of every TIBCO ActiveMatrix BPM service to ensure that access is restricted to authenticated users. Every API call to a TIBCO ActiveMatrix BPM service must be made using the identity of a user who is registered in the BPM organization model. An API call that does not meet this requirement is rejected.

TIBCO ActiveMatrix BPM supports the following authentication types:

Note: Direct and single sign-on authentication are the basic methods required to authenticate access to a BPM service.

Additional security mechanisms or techniques can be used to enhance the security of any call to a BPM service according to specific business requirements - for example, the use of SSL or message-level encryption. These mechanisms and techniques are, however, not specifically needed to access BPM services, and so are not discussed further here. See the TIBCO ActiveMatrix runtime documentation for more information about security mechanisms and techniques used by the TIBCO ActiveMatrix runtime.

Contents

Index

Search Results

Authenticating Access to a TIBCO ActiveMatrix BPM Service