Rest-API Authentication
Strengthen Your REST API Security with Multi-Layered Authentication:
-
JSON Web Tokens (JWT):
- Enhanced API Security: JWTs add an extra layer of security by ensuring that each request is properly authenticated.
- CloudHSM Requirement: JWT authentication is mandatory when integrating with CloudHSM, ensuring secure communication and access control. (It is possible to add mutualTLS authentication, Contact Support.
- Flexible Implementation: For on-premise deployments, JWTs are optional but recommended when not using mTLS to bolster security and maintain consistency across environments.
-
Mutual TLS (mTLS):
- Bidirectional Authentication: mTLS offers a robust security mechanism by requiring both the client and server to authenticate each other, ensuring only trusted entities can interact with your API.
- Comprehensive Client Validation: Optionally, an OCSP-Responder can be configured to validate client certificates in real-time, granting you full control over client authentications and enhancing the integrity of your API ecosystem.
- Implementation Guide: For a detailed setup process, please refer to our mTLS configuration guide. For additional support, reach out to Securosys Support.