JavaScript Transporter Security Considerations
The JavaScript Transporter allows you to integrate Archer with external systems without a middleware. You can use the JavaScript Transporter to upload and execute a NodeJS program. The NodeJS program can consume APIs exposed by external systems to process and feed data into Archer. Here are a few security recommendations to consider when using this feature:
- Communicate with external systems using APIs protected by SSL\TLS protocol.
- Communicate with external systems using APIs that involve a strong authentication mechanism.
- Mark sensitive parameters as "Protected" in the Custom Parameters section of the Transport tab in the JavaScript Transporter Settings in the Archer Control Panel.
- If you create a JavaScript file, it is recommended to sign the file and enter the digital thumbprint of the trusted certificate in the JavaScript Transporter Settings in the Archer Control Panel. For more information, see "Obtaining Digital Thumbprints" and "Configuring JavaScript Transporter Settings" in the Archer Control Panel Help.