1

Question

Given two cloud services, Sender A & Receiver B, communicating over HTTPS, what options do I have to ensure that Receiver B only response to Sender A? For the purposes of

Background

The receiver is generating activation keys for some hardware from a serial number. Our support team is using Salesforce and we're making callouts from Salesforce to an Azure service to generate the key. Since neither are behind a firewall we want to make sure that only request from our Salesforce instance can generate an activation key.

My thought was just to create a nice long key stored on both sides that could be used to validate the request, but I'm not a security expert and don't know if there is anything else I should be considering.

Improve this question
0

2 Answers 2

Reset to default
3

You're probably looking for client certificates. It depends on the cloud environment's ability to allow you manage the ssl certificates, but here is another stackexchange article about it: https://security.stackexchange.com/questions/14589/advantages-of-client-certificates-for-client-authentication

Improve this answer
0

I would recommend a SSH tunnel: http://www.ibm.com/developerworks/aix/library/au-tunnelingssh/ https://en.wikipedia.org/wiki/Tunneling_protocol

Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.