Integration Server 10.3 | Web Services Developer’s Guide | Securing Web Services Using the WS-Security Facility | About the Integration Server WS-Security Facility | Message Security Options Supported by WS-Security Facility | Token References
 
Token References
The WS-Security facility allows you to specify handling of certificate information through direct or indirect references:
*In a direct reference, the actual certificate, or a path to the URI specifying a remote data source containing the token element, is embedded in the SOAP header.
*In an indirect reference, a certificate property, such as the X.509 key identifier, is embedded in the SOAP header. Using this property value, the recipient extracts the property value from the message header and uses it to locate the certificate.