Author(s): Ian Brown, September 2022
- See Also: Single Sign-On (SSO)
Mutual TLS, or mTLS for short, is a method for mutual authentication. mTLS ensures that the parties at each end of a network connection are who they claim to be by verifying that they both have the correct private key. The information within their respective TLS certificates provides additional verification.
mTLS restricts API access to specific PCs/Machines/Devices that have the mTLS certificate installed.
mTLS will prevent bad actors from accessing your sandbox or production environment or from using your client/secret API keys without permission.
mTLS provides an extra layer of security to ensure bad actors from remote machines can't access your data. Even if they have access to your API Keys.
Your account is identified by your Client ID and secured by a Client Secret. These keys authorize you to perform REST API requests. These credentials are required to be sent with each API request.
You need both the mTLS certificates and API keys to before you can access our APIs.
Read our Postman, C# or Python Tutorials for code examples