Symptom
You want to enable HTTP Strict Transport Security (HSTS) in SuccessFactors
Environment
SAP SuccessFactors HCM Suite
Resolution
HTTP Strict Transport Security (HSTS) is required for a site to ensure that users always connect to the site using HTTPS. In SuccessFactors there are no special firewall configuration settings necessary:
- All browser communication with the application leverages HTTPS with TLS 1.2 and AES 256-bit encryption on port 443.
- Flat file integrations will leverage SFTP on port 22 and we support PGP encryption.
- All API / Web Services calls also use HTTPS with TLS 1.2 and AES 256-bit encryption on port 443. Our mobile applications utilize the OData API's and OAuth Tokens.
See Also
KBA 2285759 - Security standards of SuccessFactors HXM Suite
KBA 2863021 - Configuring Content Security Header policies for a SuccessFactors instance
Keywords
HTTPS, HSTS, security, Encryption, protocol , KBA , LOD-SF-PLT-HED , Global Header , How To
Product
SAP SuccessFactors HCM Suite all versions