Oracle Communities

Oracle Analytics and AI

Child Item

Enable JWT token-based authentication for BIP web service calls

Currently, to retrieve the BIP output of a seeded ESS job via BIP web services, we use the endpoint xmlpserver/services/v2/ScheduleService?wsdl. However, this approach requires sending the username and password within the payload body, which is not a recommended or secure practice. Is it possible to enable JWT-based authentication for BIP web service calls to enhance security and align with best practices?

Find more posts tagged with

BIP

authentication

Needs Votes

JWT

Status: Needs Votes

Comments

Prithvi_Raj

This will be useful for securing WSDL access to BIP Web Services. In our production accounts, only token-based access is permitted.

John Chan

I support this also as using basic authentication goes against our design principles especially when Oracle Fusion REST API can use JWT Tokens so why cant BIP web service. It increases risk as we have to change the Production password whenever someone leaves our organisation. Also for auditing and meeting our password policies, then we have to change the password several times a year.