We're aware of an issue causing "Access Denied" errors when using this site. This may occur because multiple tabs are in use. As a potential workaround, try using one single tab and refreshing the page. Thank you for your patience as we work to resolve the issue.

Create an authentication profile

Watch

Save as PDF

Share this page

Feedback

HomeWashington DC Platform securityAccess ManagementAuthenticationAPI access policySOAP API access policiesCreate an authentication profile

Table of Contents

Create an authentication profile

Release version:
Washington DC
Yokohama
Xanadu
Vancouver
UpdatedFeb 1, 2024
2 minutes to read

Washington DC
Platform Security

Create an authentication profile and add one or more authentication policies to the profile. You can also configure the ID Token and OAuth Token authentication profiles that are available by default.

Before you begin

Role required: admin

Note: You can apply authentication policies, IP range, role-based, user-based, and so on with mutual authentication and customized authentication.

Procedure

Navigate to All > System Web Services > API Access Policies > Inbound Authentication Profiles.
Select New.
The system displays the message. What kind of authentication profile?
Choose What Kind of authentication profiles?.
- Create standard http authentication profiles
- Create WSSE authentication profiles

On the form, fill in the fields.

Search:

Table 1. Standard Authentication Profile form
Field	Description
Name	Name to identify the authentication policy.
Description	Description of the authentication policy.
Active	Option to make the authentication policy active.
Application	Scope of the authentication policy.
Type	Type of the authentication available. You can select Basic Auth, ID Token, Certificate based Auth, OAuth, or WSSE (In case of WSSE Authentication profile).
OAuth Entity	OAuth Entity profile. This field appears only when ID Token or OAuth is selected from Type.

Double-click Insert a new row.
Select an authentication policy from the list and select the save icon .
Note: Don’t select Allow Access Policy or Deny Access Policy. These policies are meant only for user logins.
You can add one or more authentication policies for an authentication profile.
When there’s a change in the authentication profile, the Authorization header returns a value specific to the changes made at that time. To have the ability to get all the authentication schemes returned in the `WWW-Authenticate` header, you must activate glide.security.response.authenticate.header.auth_profile.first_scheme_only to false. The response is returned with multiple headers. For example:
```
< WWW-Authenticate: BEARER realm="Service-now"
< WWW-Authenticate: BASIC realm="Service-now"
```

Was this topic helpful?

Yes No

Activate SOAP API access policy

Create SOAP API access policy

Activate SOAP API access policy

Create SOAP API access policy

Washington DC Platform security

Filters

Versions

Products