Mutual TLS Authentication

Signed certificates in the system use mutual Transport Layer Security (TLS) authentication. This certificate-based authentication certifies that incoming HTTP requests from Gotransverse (like notifications) to your infrastructure are from a trusted Gotransverse application before any data or information is transmitted. Your infrastructure is also authenticated as being a trusted source back to Gotransverse. The following image illustrates this authentication.

Gotransverse to Client Authentication Flow

Gotransverse to Client Authentication Flow

The following is an example of mutual authentication between the client (tenant) and Gotransverse:

When Gotransverse wants to communicate with Acme’s server, they will both authenticate the other and verify that it is who they are expecting to communicate with before any data or messages are transmitted.

  1. Gotransverse sends a message to Acme to show that Gotransverse is a trusted user.

  2. Acme verifies the message. It is valid.

  3. Acme sends Gotransverse a message back to show that Acme is a trusted user.

  4. Gotransverse verifies the message. It is valid.

  5. Both parties are verified to be who they claim to be and safe to communicate with each other.