Security guidelines
Follow these guidelines for secure development.
- Transport-level security
The Oracle Empirica Topics web service client must use HTTPS connection to secure all data communication with the Oracle Empirica Topics web service. - Message-level security
The Oracle Empirica Topics web service client must use WS SECURITY and either a user name token policy or a bearer token. - Access control security
The Oracle Empirica Topics web service client must include a user name in the input field TopicsServiceContext.username for all API calls except forgetTopicsServiceProperties. ThegetTopicsServicePropertiesAPI call is available to any user. - Request parameter validation
The Oracle Empirica Topics web service validates API input fields for content and size.
Parent topic: Secure development guidelines