In order to prevent man-in-the-middle attacks, the authorization server MUST require the use of TLS with server authentication as defined by RFC2818 for any request sent to the authorization and token endpoints.

The client MUST validate the authorization server’s TLS certificate as defined by RFC6125 and in accordance with its requirements for server identity authentication.

SuiteCRM uses key cryptography in order to encrypt and decrypt, as well as verify the integrity of signatures.

Please ensure that you have the following:

  • OpenSSL PHP Extension installed and configured

  • The SuiteCRM instance must be configured to use HTTPS/SSL

  • You need to have PHP version 5.5.9, or 7.0 and above

To be able to successfully connect to the endpoints, you need to complete the steps under section Before you start calling endpoints in addition to what is mentioned here.

Content is available under GNU Free Documentation License 1.3 or later unless otherwise noted.