Authentication using System Session ID
Article # 3038075 - Page views: 214
Issue
We notice that it is possible to call KTA API methods with the System Session ID. Is there a way to ensure that authentication has been performed first?
Solution
A session ID is provided as a result of authentication in KTA. You can pass the System Session ID directly to the API to effectively bypass authentication. Therefore, this is expected behaviour.
KTA offers a variety of authentication methods, such as user name and password, Windows Authentication, Federated Security, etc. Since KTA 7.9, KTA can also use OAuth 2.0.
Level of Complexity
Easy
Applies to
Product | Version | Build | Environment | Hardware |
---|---|---|---|---|
KTA | All |
References
Add any references to other internal or external articles
Article # 3038075