Validating Security on Inbound Integrations

PeopleSoft Integration Broker can validate that inbound service operations from integration partners are transmitted with a level of security as determined by your organization. If they do not pass validation based on the parameters you set, the integrations are rejected.

The Service Operations – General tab (IB_SERVICE) features a Security Verification drop-down list box that enables you to set the required level of security on inbound integrations. For REST service operations the field is labeled Req Verification.

To access the Service Operations – General tab select PeopleTools > Integration Broker > Integration Setup > Service Operations.

Validating Security on Inbound Service Operations

Image: Service Operations – General page

This example illustrates the portion of the Service Operations page for a non-REST service operation that contains the Security Verification drop-down list box. The Security Verification drop-down list box is located under the User/Password Required box.

Security Verification drop-down list

To require security on inbound (non-REST) service operations, select a value from the Security Verification drop-down list. The valid values are:

  • Digital Sign or SSL. The integration partner must digitally sign the service operation or transmit it using SSL encryption.

  • Digitally Sign. The integration partner must digitally sign the service operation.

  • Encrypt. The integration partner must employ WS-Security encryption on the service operation.

  • Encrypt and Digitally Sign. The integration partner must employ WS-Security encryption and digitally sign the service operation.

  • Encrypt or SSL. The integration partner must employ WS-Security encryption on the service operation the service operation or transmit it using SSL encryption.

  • Encrypt/Digitally Sign or SSL. The integration partner must employ WS-Security encryption and digitally sign the service operation, or transmit it using SSL encryption.

  • None. (Default.) The integration partner is not required to set any specific security options on the service operation.

  • SSL. The integration partner must transmit the service operation using SSL encryption.

Validating Security on Inbound REST Service Operations

Image: Service Operations – General page

This example illustrates the portion of the Service Operations page for a REST service operation that contains the Req Verification drop-down list box. The Req Verification drop-down list box is located under the User/Password Required box.

Req Verification drop-down list

To require security on inbound REST service operations, select a value from the Req Verification drop-down list. The valid values are:

  • Basic Authentication. The integration partner must pass the external user ID and password defined on the local node.

  • Basic Authentication and SSL. The integration partner must pass the external user ID and password defined on the local node, and transmit the service operation using SSL encryption.

  • None. (Default.) The integration partner is not required to set any specific security options on the service operation.

  • PeopleSoft Token. The integration partner must pass a valid PeopleSoft Token.

  • PeopleSoft Token and SSL. The integration partner must pass a valid PeopleSoft Token and transmit the service operation using SSL encryption.

  • SSL. The integration partner must transmit the service operation using SSL encryption.