Security and Authentication
To protect data from unauthorized access, Magento data stores require connections to be authenticated with an access token or your Magento credentials. Some data stores also require connections to be encrypted using the Secure Sockets Layer (SSL) protocol. The Simba Magento JDBC Connector provides full support for these authentication protocols.
Note:
In this documentation, "SSL" indicates both TLS (Transport Layer Security) and SSL (Secure Sockets Layer). The connector supports industry-standard versions of TLS/SSL.
The connector uses a token-based authentication protocol for authentication and authorization. You can authenticate your connection by specifying an access token, or by providing your Magento credentials so that the connector retrieves and uses the corresponding access token. For detailed information about this authentication protocol, see "Token-based Authentication" in Getting Started With Web APIs: http://devdocs.magento.com/guides/v2.2/get-started/authentication/gs-authentication-token.html. For detailed configuration instructions, see Configuring Authentication.
Additionally, the connector supports SSL connections with or without one-way authentication. SSL encryption protects data and credentials when they are transferred over the network, and provides stronger security than authentication alone. For detailed configuration instructions, see Configuring SSL Verification.
The SSL version that the connector supports depends on the JVM version that you are using. For information about the SSL versions that are supported by each version of Java, see "Diagnosing TLS, SSL, and HTTPS" on the Java Platform Group Product Management Blog: https://blogs.oracle.com/java-platform-group/entry/diagnosing_tls_ssl_and_https.
Note:
The SSL version used for the connection is the highest version that is supported by both the connector and the server, which is determined at connection time.