If changing the endpoint, or the value for a query parameter or HTTP request header, remember to save the Connector to update the definition.
See Also:
Mutual Authentication is an optional additional security feature provided by Acquia Journey. Mutual Authentication is off by default for REST web service connections.
Mutual authentication or two-way authentication refers to two parties authenticating each other at the same time. This is an added security protection that is often implemented in internal business application. By default the Transport Layer Security (TLS) protocol only proves the identity of the server to the client using X.509 certificate and the authentication of the client to the server is left to the application layer.
TLS also provide client-to-server authentication using client-side X.509 authentication. This requires provisioning of the certificates to the clients. Mutual TLS authentication (mTLS) is widespread in business-to-business (B2B) applications as it insures that only a limited number of programmatic and homogeneous clients are connecting to specific web services, the operational burden is limited, and security requirements are greater.
In order to allow a client to communicate with a Mutual Authentication protected endpoint, Acquia Journey’s certificate authentication chain must be added to the server’s configuration for trusted client certificate chains. Acquia Journey’s public certificate will be provided in the bundle as well.
The first step in setting up Mutual Authentication is to obtain the proper certificates from Acquia Journey to register with your gateway server or firewall. To do this, contact Acquia Support to request the certificates for Mutual Authentication.
Once you have the client-side certificates, they need to be registered with your web-server or gateway. This process may differ based on your server configuration, but the systems administrator for the business application should be familiar with how to register new certificates.
The next step in setting up Mutual Authentication is enabling the feature for a specified environment and REST Web Service connection. This ensures that Acquia Journey will properly authenticate via certificate with the endpoint it is targeting. Go to the Admin screen and click the Projects button on the left hand side.
Note all requests made through this connection and environment will now utilize Mutual Authentication.
The last step is to ensure that outbound requests from Acquia Journey are properly authenticated with the client. To test this, set up a graph that uses the REST Web-Service connection and run the graph visually in the environment that is configured for Mutual Authentication. If the connection succeeds, then Mutual Authentication is working correctly. If it fails - typically with a 401 Unauthorised response, the Visual Testing Console will display the error message that was received when trying to call the internal business application.