This content has been marked as final. Show 2 replies
OAM 11g R2 has BasicSessionlessScheme in which you can set Challenge Parameters: CookieLessMode=true for cookieless mode.
Please refer to 11g R2 OAM documentation for more details.
What are the drawbacks of the cookieless approach?
Is it valid for SSO?
We want to secure a WEB API with OAM, and that API will be accessible by Browsers, Mobile Apps and other devices, most of them don't support cookies.
Could anyone explain if OAM can help us with that?