OAuth Keys
The system provides support for sending messages secured by OAuth authentication. To deliver the message, the application is required to provide a client ID and secret. The OAuth secret is sensitive data and needs to be stored securely in the application. The Message Sender configuration provides the ability to store the client ID and an encrypted secret directly in the sender context. Alternatively, the sender context can refer to a key ring that stores those details. Using a key ring allows users to apply new secrets over time without having to update the affected message sender configurations.
Refer to Message Sender - Context for more information about configuring a message sender for OAuth security.
The product provides an OAuth Keys business object that supports the following functions:
-
Defining the external system related to the key ring
-
Adding a client ID and secret key. The secret key is stored in an appropriate "secret store".
-
Key rotation. For increased security, a new secret key may be entered periodically. The new key automatically becomes the active key.