Securing Communication Path Between IdentityIQ and IQService

TLS Communication

The Active Directory connector supports TLS communication for IQService.

Note
Client Authentication is mandatory for operations that use IQService with TLS Communication. Before configuring TLS Communication, install the IQService on the TLS port with the following command as client authentication is mandatory: IQService.exe -i -o <TLS Port Number>

To enable TLS communication, complete the following:

1. On the application configuration page, select the Use TLS for IQService checkbox.

   For more information on the TLS communication between IQService and an IdentityIQ, see IQService.

2. Select Save.

Client Authentication

The Active Directory connector supports client authentication for IQService. This ensures that IQService is communicating with an authorized version of IdentityIQ.

To configure the client authentication, you need to have a domain user whose credentials can be used for connection between IdentityIQ and IQService. This user must be able to self-authenticate on the IQService host machine. To ensure that the authentication works correctly, IQService expects the client to send the credentials of a user that is already registered with every request.

To enable client authentication, complete the following:

1. On the application configuration page, enter the credentials in the IQService User and IQService Password fields.

   For more information on the client authentication, refer to IQService.

2. Select Save.