Certificate based authentication

Hello Experts,

There is an explicit requirement for a cloud application to have certificate based authentication to be done on webMethods API-Gateway. Mode of communication will be done with SSL handshaking.

But it is requested to use certificate based authentication explicitly (not IP filtering nor username, etc).
Is there any specific way to implement the same.


Hi Debapriyo,

You will have to set up the incoming port with either “Request Client Certificate” or “Require Client Certificate” mode instead of the default “Username/Password” mode.

Additionally you will have to configure the client certificate and map it to an IS-User under Security → Certificates → Configure Client Certificates at least for SSL-Authentication.

This should be documented in detail in the IS Administrators Guide or the resp. Guide for API-Gateway.