Rest-API Authentication

Strengthen Your REST API Security with Multi-Layered Authentication:

  • JSON Web Tokens (JWT):

    • Enhanced API Security: JWTs add an extra layer of security by ensuring that each request is properly authenticated.
    • CloudHSM Requirement: JWT authentication is mandatory when integrating with CloudHSM, ensuring secure communication and access control. (It is possible to add mutual TLS authentication; contact Support.)
    • Flexible Implementation: For on-premise deployments, JWTs are optional but recommended when not using mTLS to bolster security and maintain consistency across environments.
  • Mutual TLS (mTLS):

    • Bidirectional Authentication: mTLS offers a robust security mechanism by requiring both the client and server to authenticate each other, ensuring only trusted entities can interact with your API.
    • Comprehensive Client Validation: Optionally, an OCSP responder can be configured to validate client certificates in real time, granting you full control over client authentications and enhancing the integrity of your API ecosystem.
    • Implementation Guide: For a detailed setup process, please refer to our mTLS configuration guide. For additional support, reach out to Securosys Support.