Solved: Security around App Broker and Cloud FNMS connection

a_cutler2 · ‎Dec 01, 2020

A customer has strict requirements around connections made directly to outside of their network/data center without going through some type of middleware and is wondering about some of the details regarding how App Broker connects to Cloud FNMS to perform license checks that I can't seem to find in any of the documentation:

When App Broker calls FNMS to perform license checks, is the two way connection synchronous or is it an outbound message that is followed up by a separate inbound message?
Does/can the connection utilize Oauth 2.0?
Does FNMS ever initiate a connection or is it only initiated by the App Broker App Server?

CharlesW · ‎Dec 02, 2020

It should be a synchronous call.. As mentioned, the code blurb I provided is similar to what App Broker is making.. I believe that the Access token in the header is an Oauth token... FNMS itself never initializes a connection to App Broker.. The only communication between the two occurs when App Broker calls the FNMS Compliance API to perform various tasks.

View solution in original post

CharlesW · ‎Dec 02, 2020

It should be a synchronous call.. As mentioned, the code blurb I provided is similar to what App Broker is making.. I believe that the Access token in the header is an Oauth token... FNMS itself never initializes a connection to App Broker.. The only communication between the two occurs when App Broker calls the FNMS Compliance API to perform various tasks.