Anonymous authentication for URL alias

Ammu2762 · February 15, 2024, 7:03pm

Product/components : Integration server

version: 10.5

Hi All, In our project we have created one flow service for specific purpose. And we have created URL alias for that particular service to invoke from the browser. When we tried to run the service through URL in browser it asks for authentication ( username/password of integration server).

Is there any way to invoke that URL without any authentication ? we would like to make it as anonymous, so that everyone having the URL can run the service.

Appreciate your help.

Holger_von_Thomsen · February 15, 2024, 7:23pm

Hi,

you will have to set the ListACL and ExecuteACL for this service to “Anonymus” in Designer.

Please note that this approach is not recommended from a security perspective, just to prevent DOS-Attacks against such services.

Regards,
Holger

Vijaya_Chandra_Jasti · February 16, 2024, 5:55am

You can just follow the response from " [Holger von Thomsen]".
Regarding security, you can allow through RIPS/Enterprise Gateway so that you don’t need hit direct IS URL. Alternatively, restrict the IPs to access your service internally instead of allowing public access.

engin_arlak · February 16, 2024, 9:50pm

Also, never expose the admin port for any service, especially for a service that doesn’t require authentication.

jahntech.cj · February 17, 2024, 8:13pm

You should check that requirement with at least your security department. In most organizations implementing something like this will get you in real trouble. Depending on your industry and/or geography there may even be legal issues.