Latest update: 7.0.4
- Overview
- Secret Stores, Certificates and Keys
- Secure Authentication
- Protect REST Endpoints With Authorization and Access Control
- Secure Passwords
- Secure Network Connections
- Protect IDM Data
- Encoding Attribute Values
- Structure of an Encrypted Object
- Encrypting and Decrypting Properties Over REST
- Securing the Repository
- Protecting Sensitive Files and Directories
- Removing or Protecting Development and Debug Tools
- Adjusting Log Levels
- Disabling the API Explorer
- Disabling Automatic Configuration Updates
- Managing Privacy & Consent
- Securing IDM Server Files With a Read-Only Installation
- Authentication and Session Module Configuration
Protect REST Endpoints With Authorization and Access Control
IDM provides role-based authorization that restricts direct HTTP access to REST interface URLs. This access control applies to direct HTTP calls only. Access for internal calls (for example, calls from scripts) is not affected by this mechanism.