Introduction
SICS API Server is a software component in the SICS product suite. SICS API Server implements the Web Services that allows external applications to call/invoke SICS functions.
This document describes the Security features that SICS API Server supports.
What this document covers #
| Security feature | Description |
|---|---|
| Authentication | How to get SICS API Server to authenticate the sender of Web Services calls. |
| Authorization | How to get SICS API Server to check whether a user has the authority (Access Rights) to invoke a web service, and to perform the business logic that is re-used from the SICS on-line system. |
Audience #
The document is relevant for architects and developers who develop calls to the SICS API Server and who need to understand the security features of SICS API Server, and how to use these.
This document is not relevant for your company if you do not use the SICS API Server software component.
Note:
There are other important aspects of securing SICS API Server which are not covered in this document.
Examples:
- Using secure HTTP (HTTPS)
- Firewall configurations