Web Services Reference for Oracle Self-Service E-Billing > Overview of Web Services >

About Web Services Security

Oracle Self-Service E-Billing Web services currently support custom token authentication. The authentication generates a unique token for each registered API user, then the token for the registered user is sent with every request to the service.

A token is a secure random text string with a default length of 48. The following string is an example of a token:

Dlc7lkpeVp9InmOUB82dJMg6LF7WQ6ZnujTHq8zP94uCWtjg

When a token is created, it stays on the server temporarily and expires automatically after a certain period. The default value is 20 minutes, and it is preconfigured. The valid token must be passed in an HTTP header for each subsequent Web service request. If a request is made with an invalid token, then an exception with status code 401, which is a standard code for unauthorized access, is returned.