Whatever identifier you choose to identify a consumer application, it must be unique to the application. Identifiers that represent user names are often not suitable because the identified users might submit requests for multiple applications.

Identifying applications by IP address or host name is often a suitable choice, however, it does create a dependency on the network infrastructure. If a consumer application moves to a new machine, or its IP address changes, you must update the identifiers in the application asset.

Using X.509 certificates or a custom token that is extracted from the SOAP message itself (using an XPATH expression), is often the most trouble-free way to identify a consumer application.

Scenario 1: Identify consumers by IP address or host name

Scenario 2: Authenticate consumers by HTTP authentication token

Identify Consumer action, and select the HTTP Authentication Token parameter (to identify consumers using the token derived from the HTTP header).

Require HTTP Basic Authentication action.

Authorize User action (to authorize a list of users and/or groups registered in the Integration Server on which CloudStreams is running).

Scenario 3: Authenticate consumers by WS-Security authentication token

Identify Consumer action, and select the WS-Security Authentication Token parameter (to identify consumers using the token derived from the WSS Header).

Require WSS Username Token action.

Authorize User action (to authorize a list of users and/or groups registered in the Integration Server on which CloudStreams is running).

Scenario 4: Authenticate consumers by WSS X.509 token

Identify Consumer action, and select the Consumer Certificate parameter (to identify consumers using the WSS X.509 token).

Require X.509 Token action.

Require SSL action.