You need to sign in to do that
Don't have an account?
Amrita Solanki
how to make sure API is secure
Hi All,
How i can make sure my API callout is secure. My third party only knows tha user name and password for authentication. So that no one can hack it ?
Thanks
Amirta
How i can make sure my API callout is secure. My third party only knows tha user name and password for authentication. So that no one can hack it ?
Thanks
Amirta
There are a couple of ways to secure callouts:
1) Restrict the IP Addresses that the web service will accept calls from.
2) Use the Salesforce.com Client Certificate (or use your own Cert) to do mutual SSL for the Callout.
3) Put an HTTP header into the Callout to use some sort of Basic Auth
(any or all of these can be used)
You can get the client certificate under setup. If your endpoint uses a client certificate, right-click the Download Client Certificate link on the outbound message detail page, and save the certificate to the appropriate location. Then you can import the downloaded certificate into your application server, and configure your application server to request the client certificate
You can send HTTP Headers on a Web Service Callout ... Here is the sample in the documentation:
docSample.DocSamplePort stub = new docSample.DocSamplePort();
stub.inputHttpHeaders_x = new Map();
//Setting a basic authentication header
stub.inputHttpHeaders_x.put('Authorization', 'Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==');
//Setting a cookie header
stub.inputHttpHeaders_x.put('Cookie', 'name=value');
//Setting a custom HTTP header
stub.inputHttpHeaders_x.put('myHeader', 'myValue');
String input = 'This is the input string';
String output = stub.EchoString(input);
I hope you find the above solution helpful. If it does, please mark as Best Answer to help others too.
Thanks.