Strong REST API protection

Article ID: 237802

Products

CA Advanced Authentication - Strong Authentication (AuthMinder / WebFort)

Issue/Introduction

We are wondering whether it's possible to protect the Strong REST API with authentication.

We read in the documentation that it's possible to protect the Risk API with the following line in the apirest.properties:

RiskAuth.AnAConfiguration=ALL

So the question is: is it also possible to protect the Strong API with something like StrongAuth.AnAConfiguration=All?

Environment

Release : 9.1

Component : RiskMinder(Arcot RiskFort)

Resolution

The REST API is already protected by the AuthToken, which is generated after the Admin credentials are validated. More details are available in the document linked below.

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/advanced-authentication/9-1/building/rest-based-api/ca-advanced-authentication-common-rest-apis/authtoken-api.html

You can generate the token and then pass it in the header of the REST API calls. There is no need to enable AnA, as the API is already protected.

It is always recommended to pass the AuthToken so that the API is protected: the token is validated first, and then the actual API call is processed.

To enable AnA for the WebFort REST API, enable it from the Master Admin Console -> Services and server configurations -> Administration Console -> Authentication and Authorization.

You can enable API authorization from this page. It is not available from the restapi.properties file for the WebFort (Strong Auth) APIs.