Welcome Guest! Log in
Stambia versions 2.x, 3.x, S17, S18, S19 and S20 are reaching End of Support January, 15th, 2024. Please consider upgrading to the supported Semarchy xDI versions. See Global Policy Support and the Semarchy Documentation.

The Stambia User Community is moving to Semarchy! All the applicable resources have already been moved or are currently being moved to their new location. Read more…

Various HTTP securities exists while working with web technologies such as HTTP REST APIs, for protection of the privacy and integrity of the exchanged data while in transit.

Article purpose is to demonstrate how to create an HTTP Security Metadata.

  • Stambia DI Designer S20.1.0 or higher


Metadata Creation

Create a new Metadata and select "HTTP Security" in Metadata creation and name it:

metadata security


The created HTTP security Metadata is opened in Metadata Editor and you have to add security.


HTTP Security Creation

Right click on the node and select "New", then select the security type

security type


HTTP security properties definition

The security definition is specific according to the selected Security type.

Available HTTP security type are listed in this table:


HTTP Security Type Properties and Description
  • Name: Basic security name
  • UserName: Security username
  • Password: Security password
OAuth Security
  • Name: OAuth security name
  • Token: credentials used to access protected resources
  • Token Secret
  • Consumer key
  • Consumer secret
  • Callback URL
OAuth2 Security

As indicated in its name, OAuth2 Security is a recent version of OAuth security.

OAuth2 Security have several flows available.

Refer to your OAuth2 provider to know which one to use and with which attributes.

NTLM Security
  • Name: NTLM security name
  • UserName
  • Password
  • Domain


Once the HTTP Security created it is ready to be used in the other Metadata that support it, such as HTTP REST Metadata.



Suggest a new Article!