You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Third-party to use Fusion HCM REST API - Suggestion on Authentication Method

Received Response
53
Views
8
Comments
edited Mar 13, 2024 9:57AM in Applications Security 8 comments

Summary:

Suggestion on Authentication Method to be used for REST API authentication

Content (please ensure you mask any confidential information):

We are using Fusion HCM and need to grant REST API access to one third party customer to get worker information from Fusion HCM

As per the documentation currently the below methods are available.

  •  Basic authentication (Should have the UserName and Password)
  • SAML (Security Assertion Markup Language) 
  • JWT (JSON Web Token) 

We are not planning to use the below methods due to the underlying security gaps

  •  Basic authentication (Should have the UserName and Password) 

 - We cannot control how the third-party keeps the password, they might keep it as plain text which will be a risk 

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!