In one of our implementations, client is sending Authorization header containing a hmac token. I think there is no way to skip the Authorization header validation and do a custom implementation for validation.
the client won’t change the API spec, Is there a possible solution to handle the scenario ?
Integration Server currently doesn’t support HMAC based authentication. One possible solution could be custom JAAS login module to do the hmac token validation.
Thank you for responding…!! do you have any documentation around the JAAS login module, how to implement ?
You can find about implementing Custom JAAS module in the Integration Server Administrator guide. You can try to implement the HMAC authentication, if possible.