Digest token authentication The digest token authentication passes user credentials and a digest token within an unencrypted HTTP header. The instance reads the HTTP header value and compares its computed hash value of the digest token. If the computed hash value matches the digest token value, then the instance searches for a matching value in the User table. If there is a matching value in the User table, the instance considers the user pre-authenticated and logs the user in. Digest token authentication is more secure than simple unencrypted HTTP headers because any accidental or intentional change to the unencrypted HTTP header produces a different hash value. If the hash value fails to match, the instance denies the user access to the requested instance. This prevents users from attempting to login with another user's credentials. Integration requirements A Digest Token Authentication integration requires: A web server SiteMinder or another single sign-on application to pre-authenticate the user on the local network A web page or portal that passes user credentials to the target instance in one of these formats HTTP Header URL parameter Cookie A web page or portal that creates and passes a digest token to the target instance using one of these encoding techniques SHA1 MD5 Set up Digest Token AuthenticationSetting up digest token authentication involves generating an unencrypted HTTP header and token, then enabling an installation exist and configuring properties.Sample digest token implementationsHere are several samples of creating a digest token.Sample Java digest algorithm for encryptionThis Java algorithm illustrates creating a digest token from an HTTP header.Sample CThis C class illustrates creating a digest token from three input parameters.