Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

  • Endpoint
    • The web service endpoint that is the root for all queries
    • This is typically of the form protocol://resource e.g. https://api.google.com
    • This end point can be extended when the connection is used to create an adaptor
    • No trailing slash or question mark is necessary here
  • Constant Query Parameters
    • This is the list of query parameters that will not change or be overridden in the adaptor 
    • Typical use is for an api key that does not change
    • Additional query parameters can be added in the adaptor
    • Click on  to bring up menu to add a query parameter
    • Click on  for an existing query parameter to delete it
  • Constant HTTP Request Headers
    • This is the list of HTTP request headers that will be sent for all requests for any adaptor that uses this connection.
    • Typical use for for unchanging headers like 'Content-Type' 
    • They are constant (cannot be dynamically set).  If wanting a dynamically set header, they can be set on individual adaptors
    • Click on  to bring up menu to add an HTTP request header
    • Click on  for an existing HTTP request header to delete it

If changing the endpoint, or the value for a query parameter or HTTP request header, remember to save the Connector to update the definition. 

See Also: 




Mutual Authentication

Mutual Authentication is an optional additional security feature provided by Xponent. Mutual Authentication is off by default for REST web service connections. 

Mutual authentication or two-way authentication refers to two parties authenticating each other at the same time. This is an added security protection that is often implemented in  internal business application. By default the Transport Layer Security (TLS) protocol only proves the identity of the server to the client using X.509 certificate and the authentication of the client to the server is left to the application layer.

TLS also provide client-to-server authentication using client-side X.509 authentication. This requires provisioning of the certificates to the clients. Mutual TLS authentication (mTLS) is widespread in business-to-business (B2B) applications as it insures that only a limited number of programmatic and homogeneous clients are connecting to specific web services, the operational burden is limited, and security requirements are greater.

In order to allow a client to communicate with a Mutual Authentication protected endpoint, Xponent Engine's certificate authentication chain must be added to the server's configuration for trusted client certificate chains. Xponent's public certificate will be provided in the bundle as well.

Obtaining The Public Certificate

The first step in setting up Mutual Authentication is to obtain the proper certificates from Xponent to register with your gateway server or firewall. To do this, email support@xponent.com to request the certificates for Mutual Authentication. Our support team will reach out to you with the necessary certificates for your account.

Configure Web Server / Gateway

Once you have the client-side certificates, they need to be registered with your web-server or gateway. This process may differ based on your server configuration, but the systems administrator for the business application should be familiar with how to register new certificates.

Enable Mutual Authentication in the REST Connection

The next step in setting up Mutual Authentication is enabling the feature for a specified environment and REST Web Service connection. This ensures that Xponent will properly authenticate via certificate with the endpoint it is targeting.  

  • Click the Project Settings tab and then the Connections tab within your project

  • Select the REST Web-Service Connection and Environment you want to enable Mutual Authentication (Please note this feature is only available for REST Web-Service connections)

  • Type in the Endpoint that you would like to connect to
  • Select the "On" Radio button under the "Mutual Authentication" Header and click Save Edits

Please note: all requests made through this connection and environment will now utilize Mutual Authentication.

Test Mutual Authentication is Working Properly

The last step is to ensure that outbound requests from Xponent are properly authenticated with the client. To test this, set up a graph that uses the REST Web-Service connection and run the graph visually in the environment that is configured for Mutual Authentication. If the connection succeeds, then Mutual Authentication is working correctly. If it fails - typically with a 401 Unauthorized response, the Visual Testing Console will display the error message that was received when trying to call the internal business application.



  • No labels

Privacy Policy
© 2022 CSG International, Inc.