It is necessary to secure calls to AFS Web Services, in order to restrict access to allowed users.
To secure calls to AFS Web Services thanks to afs:key.
Using AFS Back-Office:
- Edit the QEng/Webservices/key parameter.
- Set it to the desired Key value.
Calls to AFS Web Service need the afs:key parameter to be set to the correct value.
This parameter allows to authenticate calls to AFS web services.
Optional. By default, this parameter is not necessary.
If configuration variable QEng/Webservices/key is set, then calls to AFS web services (search, acp, click, content) must contain the key thanks to the parameter afs:key.
If the key is false or omitted, the query is rejected and user receive a 403 HTTP error.
If configuration variable is not set, the afs:key parameter is ignored. In this case, non-authenticated queries are allowed.
In configuration, QEng/Webservices/key variable is set to myKey:
All calls to AFS web services must contain afs:key=myKey, example: