To secure a consumed REST APIs with authentication via client side certificates you’ll need to send the client side certificate on the request to the server.
Configuring your application
This can be achieved with the use of the REST Extensibility API:
- Create an extension and develop application code to use the client-side certificate.
- In the extension you'll need to include the installation path of your client certificates:
- Customize the request with the OnBeforeRequest property of your REST API before making the web request call.
- If necessary, force the usage of a specific TLS version by using
ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType. Check the code sample for details on the SetTLSVersion action. This might necessary when connecting to legacy servers.
An example of this implementation is available at OutSystems Forge, on the HTTPS Consumer component that already reflects the actions above.