• Adding an OAuth consumer requires the transmission of sensitive data. To prevent 'man-in-the-middle' attacks, it is recommended that you use SSL for your applications while configuring OAuth authentication.
  • Do not link to an application using OAuth authentication, unless you trust all code in the application to behave itself at all times. OAuth consumers are a potential security risk to the applications that they are linked to because of the ability to impersonate users. If your server is compromised, the data there and on linked servers is at risk.
  • New application links now use OAuth by default and enable both 3-legged OAuth (3LO) and 2-legged OAuth (2LO).
  • When updating older application links (that perhaps used Trusted Apps authentication) to use OAuth, 3LO is enabled by default, but you need to explicitly enable 2LO using the check box in the application link configuration settings.
  • Only use the 2LO with impersonation option in the application link configuration settings if your servers both have the same set of users and the servers fully trust each other.
  • No labels
 




 

Except where otherwise noted, content in this space is licensed under a Creative Commons Attribution 2.5 Australia License.