Towards ONEiO, we recommend to use http basic authentication. It's also possible to use WS-Security to sign the messages and require ONEiO to accept only properly signed messages. Towards customer, you are also able to use client certificate, form based authentication, OAuth2 and WS-Security message signing. If there is a need to use some other way, we can evaluate it case by case.
Please sign in to leave a comment.