API Security
Essential information for successful handshakes.
The interface is stateless and requires authentication for each request. All incoming traffic is scanned and alerted for known attacks. Logs are monitored for misuse and fraud. Also, Innovis Gateway restricts via IP address allow list.
Accepted TLS Versions
- TLS1.2
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
- TLS1.3
- TLS_AES_256_GCM_SHA384
- TLS_CHACHA20_POLY1305_SHA256
IP Allow List
Innovis Gateway for Production and UAT environments restricts access based on IP addresses. The integration partner/customer will need to provide IP (preferably NAT) addresses to add to the allow list for Gateway access.
Updated about 7 hours ago