A---- No Client Authentication (Anonymous Client)
S---- Client Authentication with TLS Certificate (self-signed)
T---- Client Authentication with TLS Certificate (CA-signed)
H---- Client Authentication with HTTP Signature
-T--- Server Authentication with TLS Certificate (CA-signed)
-H--- Server Authentication with HTTP Signature
--T-- Request Encryption only with regular TLS
--E-- Request Encryption with ewp-rsa-aes128gcm
---T- Response Encryption only with regular TLS
---E- Response Encryption with ewp-rsa-aes128gcm
APIs defined in manifest
Parameters are values used by validators when they perform calls to APIs. You should leave those fields empty, validators are able to find proper values themselves. However there are certain cases when you would like to fill those fields.
When should I fill those fields?
- You would like to see if your API works with parameters different than ones found by the validator.
Validator obtains its parameters using API you do not support.
E.g. if you want to validate Courses API, validator will use Course Replication API to find
los_idparameters that can be used to query Courses API. If your host doesn't implement Replication API the validator will report that it cannot find required API and won't perform tests. In that case you can manually provide
los_idvalues from you database. Validator will run tests using that values.
How to find out what parameters are used by the validator?You should look at details of requests made by the validator, they are used as parameters for HTTP requests with same names.
What is the meaning of parameter X?Look at the specification of the API you are validating, parameters used here are subset of those described there.
If you manually enter parameter please take care to provide correct values, they cannot be verified and are assumed to be correct. Providing invalid parameters will result in failed tests.