Basic auth: JSONv2 requests (instance security hardening)

  • Release version: Washingtondc
  • Updated February 1, 2024
  • 1 minute to read

    • Use the glide.basicauth.required.jsonv2 property to designate if incoming JSONv2 requests should require basic authorization.

    More information

    Attribute Description
    Property name glide.basicauth.required.jsonv2
    Configuration type System Properties (/sys_properties_list.do)
    Configure in Instance Security Center Yes
    Purpose To enforce JSONv2 requests authorization.
    Recommended value true
    Functional ImpactThis remediation enforces a combination of authentication methods, in the form of basic authentication and system level access control.
    • It performs this authentication while retrieving data from tables/pages in the form of JSON data on the instance.
    • It restricts any guest users who are currently accessing this data.
    • Create an account for a user who needs access to this content, with the necessary access control permissions.

    To learn more, see JSONv2 Web Service JSONv2 Web Service.
    Security risk (High) Without appropriate authorization configured on the data source JSON requests, an unauthorized user can access sensitive content/data on the target instance.
    References Authentication

    Requiring basic authentication for incoming JSONv2 requests

    To learn more about adding or creating a system property, see Add a system property.