- This line was added.
- This line was removed.
- Formatting was changed.
IntroductionA Jitterbit Harmony Security Profile
A security profile governs and secures the consumption of APIs. The profile allows you to secure one API or a group of APIs to be consumed Jitterbit Custom, OData, and Proxy APIs by a specific API consumer or a group of consumers. You can create A member of an organization role with Write access in an environment can create and assign security profiles to APIs based on your their organization's specific security and governance requirements .
Multiple independent settings in the profile provide the ability to customize security levels. Using a combination of independent settings allows you to create specific levels of security for specific use cases.
To access the Security Profiles page, log in to the Harmony portal and select the API Manager card. Click on My APIs in the upper left corner and select Security Profiles in the dropdown.
The security profiles index will be displayed, showing a repository of existing API Manager security profiles:
Name: The name of the security profile entered during creation of the profile.
Type: The authentication method (Anonymous, Basic, OAuth 2.0) that will be used to authenticate and access the APIs assigned to this profile.
Environment: The name of the environment selected during creation of the profile. Each security profile applies to only one environment and is used to authenticate only the APIs within the assigned environment.
Description: The optional description of the security profile. The description displays in the security profiles index.
Rate Limit: The number of API hits allowed per minute using the profile to authenticate and access the assigned APIs.
Create a New Security Profile
To create a new security profile, click the Create New Profile button.
For detailed instructions to create a new profile, see Security Profile Configuration.
Edit an Existing Security Profile
Delete an Existing Security Profile
Authentication options that can be configured for API consumers to access an API that is assigned a particular security profile include Anonymous, Basic, OAuth 2.0, and API Key. Supported OAuth 2.0 identity providers include Azure Active Directory (AD), Google, Okta, and Salesforce.
Creating a security profile and assigning it to an API is not required. If you do not assign a security profile to an API, the API authentication is set to anonymous and anyone can access the API.
These pages provide detailed information on configuring a security profile and configuring a supported identity provider:
- Security Profile Configuration
Detailed information on configuring a security profile.
- API Identity Provider Configuration
Instructions for configuring a supported OAuth 2.0 identity provider for use with a security profile:
Last updated: lastmodifieddate