Thank you for supporting the Cloud Customer Connect Community in 2024. It's a gift to work with you!

Look back
You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Third-party to use Fusion HCM REST API - Suggestion on Authentication Method

edited Mar 13, 2024 9:57AM in Applications Security 8 comments

Summary:

Suggestion on Authentication Method to be used for REST API authentication

Content (please ensure you mask any confidential information):

We are using Fusion HCM and need to grant REST API access to one third party customer to get worker information from Fusion HCM

As per the documentation currently the below methods are available.

  •  Basic authentication (Should have the UserName and Password)
  • SAML (Security Assertion Markup Language) 
  • JWT (JSON Web Token) 

We are not planning to use the below methods due to the underlying security gaps

  •  Basic authentication (Should have the UserName and Password) 

 - We cannot control how the third-party keeps the password, they might keep it as plain text which will be a risk 

Tagged:

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!