Security - WS-Security


Used to create, update, delete and browse Web Services Security definitions as per OASIS Standard 200401 Username Token Profile V1.0 specification.

The definitions can be used by plain HTTP/SOAP channels and outgoing connections.


Create and Edit

Header Notes
Name Connection name
Username WS-Security user name
Reject empty nonce creation timestamps Consult spec
Reject stale username tokens Consult spec
Expiry (seconds) After how many seconds after its creation a request should be rejected (consult spec)
Nonce freshness (seconds) After how many seconds after their creation unique nonces should be rejected (consult spec)

A newly created security definition has a password set to a random UUID4 and needs to be changed in order to be usable.

Change password


Updates a definition’s password - the password is stored in the ODB along with other details of a security definition.



Deletes a security definition and all the connections that make use of it.


It needs to be emphasized that any plain HTTP or SOAP channels and outgoing connections that were using the definition will also be deleted automatically.


Version Notes
1.0 Added initially