One of My Vendor wants to call my web service in their application. No Manual interaction is involved . I provide them a personal certificate and service account with password. Now I want to authenticate the traffic coming from my vendors application and pass it to my web service . I am running 11.6 , so no oauth is possible . How can I authenticate the traffic in this situation.
any help will be highly appreciated .
is this an API call?
yon can configure your client ssl profile to require client certificate and use clientless mode with an APM policy to validate the username/password provided.
Some examples and references here:
APM Operations Guide
Yes , this is an API call .
the Web service is behind my F5 is WSDL.
so when they call the url, it looks like this
Thanks for the document links . I will try and let you know the results.
As said you can configure :
here id a code share example for XML based authentication : https://devcentral.f5.com/codeshare/form-based-authentication-with-external-soap-web-services-910