Authentication Security Best Practices

(4 reviews)

insecure-basic-auth

general > insecure-basic-auth


Guidance

Your API accepts basic authentication credentials sent in cleartext over an unencrypted channel. Attackers can
easily intercept API calls and retrieve the credentials. They can then use the credentials to make other API calls.

Applies to Operation

Constraint

Type: Declarative Validation

Reviews

TypeRuleset
OrganizationMuleSoft
Published by
MuleSoft Organization
Published onApr 25, 2022
Asset overview

Asset versions for 1.0.x

Asset versions
VersionActions
1.0.0