This section describes security mechanisms used to protect the integration between you and Minna.
All endpoints require the HTTP Authorization header, which are to include an access token. In the getting started with authentication guide you can read about how to set this up and get access to Minna's system. The authentication builds on OAuth2.0. In order to use our products you are required to follow the steps described in the guide.
We do not require any additional security mechanism other than the authentication. However, we highly recommend to also set up either mutual TLS or IP whitelisting. To get advice, or enable any of the mentioned security mechanisms, reach out to us.
Minna offers the possibility to enable mutual TLS (mTLS) between you as a client, and Minna as a server, in addition to the required authentication. This means that you as a client will trust Minna's server certificate and Minna as a server will require your client certificate.
Minna offers the possibility to enable on top of the mandatory authentication. We configure our servers to only allow requests from your IP addresses.
Updated 10 months ago