Evaluate Client Certificate for SSL Connectivity | Mediator validates the client's certificate that the client submits to the API in CentraSite. The client certificate that is used to identify the client is supplied by the client to the Mediator during the SSL handshake over the transport layer. |
Evaluate Hostname | Mediator will try to identify the client against either the Registered Consumers list (the list of registered consumers in Mediator) or the Global Consumers list (the list of available consumers in Mediator). Mediator will try to validate the client's hostname against the specified list of consumers in the Integration Server on which Mediator is running. |
Evaluate HTTP Basic Authentication | Mediator will try to identify the client against either the Registered Consumers list (the list of registered consumers in Mediator) or the Global Consumers list (the list of available consumers in Mediator). Mediator will try to validate the client's authentication credentials contained in the request's Authorization header against the specified list of consumers in the Integration Server on which Mediator is running. |
Evaluate IP Address | Mediator will try to identify the client against either the Registered Consumers list (the list of registered consumers in Mediator) or the Global Consumers list (the list of available consumers in Mediator). Mediator will try to validate the client's IP address against the specified list of consumers in the Integration Server on which Mediator is running. |
Evaluate OAuth2 Token | Mediator will try to identify the client against either the Registered Consumers list (the list of registered consumers in Mediator) or the Global Consumers list (the list of available consumers in Mediator). Mediator will try to validate the client's OAuth access token against the specified list of consumers in the Integration Server on which Mediator is running. |
Evaluate WSS Username Token | Applicable only for SOAP APIs. Mediator will try to identify the client against either the Registered Consumers list (the list of registered consumers in Mediator) or the Global Consumers list (the list of available consumers in Mediator). Mediator will try to validate the client's WSS username token against the specified list of consumers in the Integration Server on which Mediator is running. |
Evaluate WSS X.509 Certificate | Applicable only for SOAP APIs. Mediator will try to identify the client against either the Registered Consumers list (the list of registered consumers in Mediator) or the Global Consumers list (the list of available consumers in Mediator). Mediator will try to validate the client's WSS X.509 token against the specified list of consumers in the Integration Server on which Mediator is running. |
Evaluate XPath Expression | Mediator will try to identify the client against either the Registered Consumers list (the list of registered consumers in Mediator) or the Global Consumers list (the list of available consumers in Mediator). Mediator will try to validate the client's XPath expression against the specified list of consumers in the Integration Server on which Mediator is running. |
Require Encryption | Applicable only for SOAP APIs. Requires that a request's XML element (which is represented by an XPath expression) be encrypted. |
Require Signing | Applicable only for SOAP APIs. Requires that a request's XML element (which is represented by an XPath expression) be signed. |
Require SSL | Applicable only for SOAP APIs. Requires that requests be sent via SSL client certificates. |
Require Timestamps | Applicable only for SOAP APIs. Requires that timestamps be included in the request header. Mediator checks the timestamp value against the current time to ensure that the request is not an old message. This serves to protect your system against attempts at message tampering, such as replay attacks. |
Require WSS SAML Token | Applicable only for SOAP APIs. Uses a WSS Security Assertion Markup Language (SAML) assertion token to validate API clients. |