1 Reply Latest reply: Mar 8, 2013 9:46 AM by 972629 RSS

    PeopleSoft WebService Security

      BackGround: We have "Provided few PeopleSoft WSDLs" to a third party that uses these WSDLs to fetch data from PeopleSoft. (Perfect!)

      Problem: Anyone else other than the third party, who knows the WSDL URL and Request Parameters can get the data from PeopleSoft. (Not Good!)

      Question: What is the simplest way to implement WSDL / WS Security so that only a particluar external system/target system (Fusion/Salesforce/etc..) can only invoke them to fetch data from PSFT? (or) In other words, Can we configure the PeopleSoft IB with a 'white list' of requesting domains that are allowed to invoke the services, say (google.com,salesforce.com,oracle.com)

      Any Simple suggestions to make these WSDL URLs safe will be greatly appreciated! Thank You!
        • 1. Re: PeopleSoft WebService Security
          HI ,
          1) You can use the Service Operation security link ( on service operation General tab) to give access to particular group by a permission list.
          2) Using the routings for the service opeartion, exposed as Web service select the specified nodes only. At place of Any to local specify the required integration node.