Require authorization for import requests [Updated in Security Center 1.3]

  • Release version: Washingtondc
  • Updated February 1, 2024
  • 1 minute to read

    • Use the glide.basicauth.required.importprocessor property to designate if incoming import requests should require basic authentication.

    More information

    Warning:
    This is a safe harbor property, meaning the value can't be altered once it's changed. It is non-revertible.
    Attribute Description
    Property name glide.basicauth.required.importprocessor
    Configuration type System Properties (/sys_properties_list.do)
    Category API and web service
    Purpose To enforce basic authentication on import requests.
    Recommended value true
    Security risk rating 5.3
    Functional impact This remediation enforces a combination of authentication methods, in the form of basic authentication and system level access control.
    • It performs this authentication while importing data sources into the instance tables/pages.
    • It restricts any guest users who are currently accessing this data. If applicable, you may need to create a new account for users who need access to this content, with necessary access control permissions.

    To learn more, see Retrieving data from a CSV formatted file.
    Security risk (Moderate) Without appropriate authorization configured on the datasource import requests, an unauthorized user can get access to sensitive content/data on the target instance.
    References SOAP web services security SOAP web service