Certificate-based Authentication

IBM® Connect:Direct Web Services uses the following two client authentication methods to establish the identity of the requesting REST client and determine whether that client is authorized to connect to Connect:Direct server using the credentials supplied:
  • Username/password-based authentication
  • Certificate-based authentication

Passwords configured are set to expire at some interval and must be changed. Any time the password is changed it results in tedious password management routine in a large deployment.

To ease password management routines for REST client over a TLS connection, Connect:Direct Web Services extends its client authentication process to allow certificate-based authentication.

The following sections explore certificate-based authentication in the context of Web Service's RESTful API interface.