Securing the ActivID Appliance Services

General Considerations

ActivID Appliance is a Java-based application that exposes HTTPS for communicating with the web browsers that the operators and users are using to access the ActivID Appliance portals.

The HTTPS engine also provides a web services interface for some of the ActivID Appliance APIs and exposes these APIs via SOAP or RESTful endpoints.

Diagnostic Packages

ActivID Appliance diagnostics are used to identify the nature and cause of any issues that occur regarding ActivID Appliance operations. System administrators can perform diagnostics using an ActivID Console feature that collects issue resolution data required by the HID Global technical support team to resolve issues.

Legacy Service Support

Warning! All services SHOULD be configured to use the strongest security possible. If legacy compatibility is required then the security vulnerabilities should be understood before enabling.

Legacy SOAP Web Services

Previous versions have an RPC SOAP Web Service which is now replaced by a Web Service Basic Profile compliant service. This legacy RPC service uses the Axis 1.4 framework which is no longer maintained and has known security vulnerabilities. Only enable this if support of the legacy RPC Web Service is mandated.

Legacy Applet

The ActivID Self-Service Portal contained a Web-based Soft Token (ActivID Token for Web) to generate an OTP for user authentication.

For security reasons, ActivID Tokens for Web are no longer supported. Any affected users should be migrated to alternative authentication methods such as a mobile application.

If you want to continue using web soft tokens (not recommended), contact HID Global Professional Services.