Idea ID: 2878138

IDM REST Driver certificate based authentication

Status: Accepted

The REST driver provides a flexible generic connection between IDM and a connected application supporting a REST API. It provides out of the box a number of useful configuration options to authenticate to a whole suite of different endpoints using different authentication methods. One method which is really important and appears to be missing from the default configuration options is Certificate Based Authentication (CBA), which is becoming increasingly important as a strong modern authentication method.

 

OpenText supports and provides the option to use CBA as part of other drivers (e.g. the Azure Driver), but this is not currently supported as part of the REST driver. As a customer we have a requirement to authenticate an existing REST driver to Azure using CBA in order to move away from older authentication methods. This has become critical. On investigation and discussions with support, it appears that CBA is not currently supported on the REST shim, although the Azure driver, which implements a number of the REST driver capabilities, does have this functionality. This enhancement request is to provide support for certificate based authentication on the REST driver shim, to allow the already useful tool to become much more flexible and support strong modern authentication. A number of customers currently have technical limitations that prevent the use of the Azure shim, and instead use their own implementations through the REST driver and Graph API, so I believe this could be very beneficial to a number of organizations who want to use CBA.