Re: [Architecture] WSO2 IS/APIM : support Mutual TLS Profile for OAuth 2.0 ?
Hi Sathya, We need to implement the regulatory requirements (http://www.etsi.org/deliver/etsi_ts/102600_102699/10264003/02.01.01_60/ts_10264003v020101p.pdf), in particular: 6.3 : REM Sender/REM Recipient Authentication b) Enhanced: using enhanced authentication such as two factor authentication mechanisms linked to a one time password; c) Strong: mutual SSL authentication, which includes client’s side user certificate; Can't access to https://docs.wso2.com/display/IS550/Mutual+TLS+for+OAuth+Clients Thanks Youcef HILEM -- Sent from: http://wso2-oxygen-tank.10903.n7.nabble.com/WSO2-Architecture-f62919.html ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
Re: [Architecture] WSO2 IS/APIM : support Mutual TLS Profile for OAuth 2.0 ?
Hi Youcef, Currently this feature supports client authentication using self-signed certificates. You can refer the official documentation at [1]. [1] https://docs.wso2.com/pages/viewpage.action?spaceKey=IS550=Mutual+TLS+for+OAuth+Clients Thanks, Sathya On Fri, May 4, 2018 at 1:50 PM, Youcef HILEMwrote: > Hi, > Good news : I just found that it's implemented : > [1] https://github.com/wso2/product-is/issues/2751 > [2] > http://wso2-oxygen-tank.10903.n7.nabble.com/IS-5-5-0-TLS- > Mutual-Authentication-for-OAuth-2-0-clients-td155448.html > [3] > https://medium.com/@technospace/mutual-tls-for- > oauth-client-authentication-cdd595d4dcac > > I will see how to use it with APIM. > > > Thanks > Youcef HILEM > > > > -- > Sent from: http://wso2-oxygen-tank.10903.n7.nabble.com/WSO2- > Architecture-f62919.html > ___ > Architecture mailing list > Architecture@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > -- Sathya Bandara Software Engineer WSO2 Inc. http://wso2.com Mobile: (+94) 715 360 421 <+94%2071%20411%205032> <+94%2071%20411%205032> ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
Re: [Architecture] WSO2 IS/APIM : support Mutual TLS Profile for OAuth 2.0 ?
Hi, Good news : I just found that it's implemented : [1] https://github.com/wso2/product-is/issues/2751 [2] http://wso2-oxygen-tank.10903.n7.nabble.com/IS-5-5-0-TLS-Mutual-Authentication-for-OAuth-2-0-clients-td155448.html [3] https://medium.com/@technospace/mutual-tls-for-oauth-client-authentication-cdd595d4dcac I will see how to use it with APIM. Thanks Youcef HILEM -- Sent from: http://wso2-oxygen-tank.10903.n7.nabble.com/WSO2-Architecture-f62919.html ___ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture