Setting Up Orchestration Security

Before the EnterpriseOne Orchestrator can process an orchestration, authentication of the JD Edwards EnterpriseOne user ID and password must take place. It is the responsibility of the originator of the service request to tell the orchestration about the user. The user's credentials must be supplied in a basic authorization header or in the JSON body of the request. The user must also have authorized access to the EnterpriseOne application in which the resulting transaction takes place. The following code is an example of credentials in the JSON body of the request:

{
                "username":"JDE",
                "password":"JDE",
                "environment":"JDV900",
                "role":"*ALL"
}

The AIS service used with orchestrations is stateless; each call passes credentials to establish a separate EnterpriseOne session. After the transaction is complete, the session closes.

In addition to passing credentials for authentication, you can employ a second level of security for the Orchestrator through whitelisting. Whitelisting enables an initial rudimentary pass/fail check of the incoming device signature against a predefined list of signatures. A white list provides an additional layer of security to the Orchestrator security. If a value passed to the Orchestrator is not a valid value included in the orchestration's white list, the Orchestrator rejects the input. For more information, see Creating a White List in this guide.