You can add security to your Web flows by using, in Service Studio, the following types of HTTP security:
SSL: Means that the HTTPS protocol is used in the requests; however, client certificates can be accepted but are not required.
SSL with client certificates: Means that the HTTPS protocol is used in requests and client certificates are required.
Using HTTP Security
This security can be applied to the elements below by setting the HTTP Security property:
Web Flows: The value specified for the web flow is used as a default for all of the web screens. The possible values are: None, SSL, and SSL with client certificates.
Web Screens: The possible values are: empty (the value used is the value specified for the web flow), None, SSL, and SSL with client certificates.
SOAP Web Services: The possible values are: None, SSL, and SSL with client certificates.
How to Add Security to your Elements:
Simply select the element and define the HTTP Security property with the suitable value.
If you access an application using an explicit secure request (using HTTPS://), the OutSystems Platform will maintain the secure protocol while navigating over non secure elements (HTTP Security set to None). However, if you navigate over both secure (HTTP Security set to SSL or SSL with client certificates) and non secure elements, leaving a secure element for a non secure element will cause the protocol to be switched to non secure (HTTP://).
Client Certificate Actions
Service Studio provides two System Actions that you can use when you are using client certificates:
Use Internal Network | Web Flow Properties | Web Screen properties | Exposed SOAP Web Service Properties