How to pass certificate over rest request?
up vote
0
down vote
favorite
I am building an application which registers an external IdP with Okta.
Okta API doc.
In order to do that, I need IdP certificate & other meta data from the user.
Thus workflow will look like this:
User calls my endpoint and provides me with Idp details ( certificate
& meta data )
My application will then use the user provided Idp Details to call
Okta and register the IdP.
However, how should user provide me with Idp ceritificate - encrypted or un-encrypted?
api certificate okta
asked Nov 12 at 20:02
JavaDeveloper
1,83353670
add a comment |
up vote
0
down vote
favorite
I am building an application which registers an external IdP with Okta.
Okta API doc.
In order to do that, I need IdP certificate & other meta data from the user.
Thus workflow will look like this:
User calls my endpoint and provides me with Idp details ( certificate
& meta data )
My application will then use the user provided Idp Details to call
Okta and register the IdP.
However, how should user provide me with Idp ceritificate - encrypted or un-encrypted?
api certificate okta
asked Nov 12 at 20:02
JavaDeveloper
1,83353670
add a comment |
up vote
0
down vote
favorite
up vote
0
down vote
favorite
I am building an application which registers an external IdP with Okta.
Okta API doc.
In order to do that, I need IdP certificate & other meta data from the user.
Thus workflow will look like this:
User calls my endpoint and provides me with Idp details ( certificate
& meta data )
My application will then use the user provided Idp Details to call
Okta and register the IdP.
However, how should user provide me with Idp ceritificate - encrypted or un-encrypted?
api certificate okta
asked Nov 12 at 20:02
JavaDeveloper
1,83353670
I am building an application which registers an external IdP with Okta.
Okta API doc.
In order to do that, I need IdP certificate & other meta data from the user.
Thus workflow will look like this:
User calls my endpoint and provides me with Idp details ( certificate
& meta data )
My application will then use the user provided Idp Details to call
Okta and register the IdP.
However, how should user provide me with Idp ceritificate - encrypted or un-encrypted?
api certificate okta
api certificate okta
asked Nov 12 at 20:02
JavaDeveloper
1,83353670
asked Nov 12 at 20:02
JavaDeveloper
1,83353670
asked Nov 12 at 20:02
JavaDeveloper
1,83353670
asked Nov 12 at 20:02
JavaDeveloper
1,83353670
asked Nov 12 at 20:02
JavaDeveloper
1,83353670
1,83353670
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
up vote
1
down vote
If you are using https everything is already encrypted. Assuming there is some sort of authentication to access your application, I would probably just proxy the parameters to the Okta API (maybe with some validation to avoid sending known bad requests).
Does that help?
answered Nov 12 at 21:33
Brian Demers
1,072139
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
If you are using https everything is already encrypted. Assuming there is some sort of authentication to access your application, I would probably just proxy the parameters to the Okta API (maybe with some validation to avoid sending known bad requests).
Does that help?
answered Nov 12 at 21:33
Brian Demers
1,072139
add a comment |
up vote
1
down vote
If you are using https everything is already encrypted. Assuming there is some sort of authentication to access your application, I would probably just proxy the parameters to the Okta API (maybe with some validation to avoid sending known bad requests).
Does that help?
answered Nov 12 at 21:33
Brian Demers
1,072139
add a comment |
up vote
1
down vote
up vote
1
down vote
If you are using https everything is already encrypted. Assuming there is some sort of authentication to access your application, I would probably just proxy the parameters to the Okta API (maybe with some validation to avoid sending known bad requests).
Does that help?
answered Nov 12 at 21:33
Brian Demers
1,072139
If you are using https everything is already encrypted. Assuming there is some sort of authentication to access your application, I would probably just proxy the parameters to the Okta API (maybe with some validation to avoid sending known bad requests).
Does that help?
answered Nov 12 at 21:33
Brian Demers
1,072139
answered Nov 12 at 21:33
Brian Demers
1,072139
answered Nov 12 at 21:33
Brian Demers
1,072139
answered Nov 12 at 21:33
Brian Demers
1,072139
1,072139
add a comment |
add a comment |
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53269290%2fhow-to-pass-certificate-over-rest-request%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
