if calls are done over http (non enctypted) and goes over internets, problem. for example calls for tenant tokens use password / username combo, and if they go in plain over internets, not cool. make sure that this is mentioned int he installation docs. we don't want to enforce https, since the network desing might protect this traffic in other methods.
55
commented
4 years ago
if calls are done over http (non enctypted) and goes over internets, problem. for example calls for tenant tokens use password / username combo, and if they go in plain over internets, not cool. make sure that this is mentioned int he installation docs. we don't want to enforce https, since the network desing might protect this traffic in other methods.