User Authentication
Client applications must log in using valid credentials for an organization. The server authenticates these credentials and, if valid, provides the client application with:
- SOAP authentication header that must be set into the session header so that all subsequent calls to the API are authenticated
- a URL for the client application’s API requests
TIBCO Reward supports only the Secure Sockets Layer (SSL) protocol SSLv3 and the Transport Layer Security (TLS) protocol.
Ciphers must have a key length of at least 128 bits.
Note: Client applications try to connect with the SFTP default secure ciphers first and again with legacy insecure ciphers if initial secure connection fails with an ssh exception. A warning is logged if a connection is opened using insecure legacy ciphers. Insecure reconnecting might be disabled in an environment setting. It is enabled on production environments to avoid service disruptions.
Copyright © Cloud Software Group, Inc. All rights reserved.