Product Connectivity

TIBCO Platform consists of a TIBCO Control Plane which is installed and configured first. It then controls software running on data planes.

All client connections support only TLS version 1.2 or higher with forward-secrecy cipher suites. You can further restrict TLS parameters by configuring the server side of connections to customer-controlled components such as ingress controllers, databases, and mail servers.

Communications between TIBCO Control Plane and Data Planes

When registering a data plane, a temporary, random secret is given to the operator to run the initial command on the data plane, which installs the infrastructure components of TIBCO Control Plane there. The secret is deleted on successful registration. The registration protocol is designed to be reliable and to detect a stolen secret if it is reused. The process is intended to protect against operational errors when registering the data plane.

TIBCO Control Plane orchestrates operations on the data plane through a proxy. Customers are asked to open firewall access from the data plane to TIBCO Control Plane.

Only TIBCO components on the data plane can call TIBCO Control Plane for user-related actions, for example to enforce permissions.

User Access to TIBCO Control Plane and TIBCO Apps in Data Planes

TIBCO Control Plane and the control interfaces of TIBCO capabilities running in the data planes allow access only from authorized users. Permissions are configured in TIBCO Control Plane and are enforced for all authenticated users attempting operations. Customers are advised to review these permissions periodically. It is recommended to assign permissions to group memberships coming from the corporate IdP rather than to the individual email addresses of users. Note that updates to groups in the corporate IdP take effect the next time a user authenticates. Immediate removal is possible by manually removing the user from the system.

Users sign in to the system from the browser by using IdPs. Users can sign in by using TIBCO Accounts (for the TIBCO-operated Control Plane) or the default IdP (for a self-hosted TIBCO Control Plane). Both require strong passwords as credentials, and users are expected to follow standard practice in selecting passwords and not disclosing them. Customers are strongly encouraged to integrate their SAML 2.0-compliant corporate IdP as the only identity provider, which keeps sign-in consistent with corporate-wide security policies.

The initial, default identity providers can then be disabled for users. This carries the risk that customers lock themselves out of interactive sign-in if the corporate IdP becomes unavailable. In that case TIBCO Support can help reinstall or reconfigure access. An alternative way to manage this risk is to keep one or more users able to sign in through the default IdP.

OAuth tokens are used for non-browser operations: the CLI client, Studio, or CI/CD. All of them require that users first sign in via the browser, at least initially. Tokens issued to CLI or Studio clients are refreshed automatically while in continuous use. Users are still required to authenticate and sign in to TIBCO Control Plane at least once a week. Permission enforcement is always done on the back end for all calls.

For the CI/CD use case, users can generate long-duration, revocable tokens to access the system, with a validity period of up to one year. Removing a user from the system automatically invalidates any active tokens that user had generated.
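The token lifecycle rules above (browser sign-in before any token, automatic refresh of CLI/Studio tokens capped by the weekly sign-in requirement, CI/CD tokens of at most a year, revocation of all tokens on user removal, and back-end permission checks on every call) can be captured in a small policy model. The following is an added illustration, not TIBCO's code; the `AuthServer` and `Token` classes, the user `alice`, the action `deploy` and the timestamps are constructed for the example.

```python
# Illustrative model (not TIBCO's code) of the token lifecycle rules described above.
from dataclasses import dataclass, field
from datetime import datetime, timedelta

WEEKLY_REAUTH = timedelta(days=7)        # browser sign-in required at least weekly
MAX_CICD_VALIDITY = timedelta(days=365)  # CI/CD tokens: validity up to a year

@dataclass
class Token:
    user: str
    kind: str          # "cli" (auto-refreshed in continuous use) or "cicd" (long-lived)
    expires: datetime
    revoked: bool = False

@dataclass
class AuthServer:
    last_login: dict = field(default_factory=dict)  # user -> last browser sign-in time
    tokens: list = field(default_factory=list)
    perms: dict = field(default_factory=dict)       # user -> set of permitted actions
    def browser_login(self, user, now):
        self.last_login[user] = now
    def issue(self, user, kind, now, validity=timedelta(hours=1)):
        if user not in self.last_login:   # every token flow starts with a browser sign-in
            raise PermissionError("browser sign-in required before token issuance")
        if kind == "cicd" and validity > MAX_CICD_VALIDITY:
            raise ValueError("CI/CD token validity is capped at one year")
        self.tokens.append(Token(user, kind, now + validity))
        return self.tokens[-1]
    def refresh(self, tok, now, validity=timedelta(hours=1)):
        if tok.kind != "cli" or tok.revoked or now > tok.expires:
            return False
        if now - self.last_login[tok.user] > WEEKLY_REAUTH:  # weekly sign-in overdue
            return False
        tok.expires = now + validity      # continuous use extends the CLI/Studio token
        return True
    def remove_user(self, user):
        for t in self.tokens:             # removal invalidates every token the user generated
            t.revoked = t.revoked or t.user == user
        self.last_login.pop(user, None); self.perms.pop(user, None)
    def authorize(self, tok, action, now):  # enforced on the back end for every call
        return not tok.revoked and now <= tok.expires and action in self.perms.get(tok.user, ())

def scenario():
    # Constructed walkthrough; returns (refreshed, refused_after_a_week, allowed_after_removal)
    srv, t0, month = AuthServer(), datetime(2024, 1, 1), timedelta(days=30)
    srv.browser_login("alice", t0); srv.perms["alice"] = {"deploy"}
    cli = srv.issue("alice", "cli", t0, month)
    refreshed = srv.refresh(cli, t0 + timedelta(minutes=30), month)   # continuous use
    refused = srv.refresh(cli, t0 + timedelta(days=8), month)         # weekly sign-in overdue
    ci = srv.issue("alice", "cicd", t0, timedelta(days=365))
    srv.remove_user("alice")
    return refreshed, refused, srv.authorize(ci, "deploy", t0 + timedelta(days=30))
```

`scenario()` returns `(True, False, False)`: the CLI token refreshes under continuous use, is refused once the weekly sign-in is overdue, and the year-long CI/CD token stops authorizing as soon as the user is removed.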

Sign-out from TIBCO Control Plane applies to both the Control Plane and the data planes.