On the Adobe Connect central page, click Administration > Account > More Settings.
Adobe Connect administrators can turn on and enforce secure HTTPS connections to boost the security of their servers.
Adobe Connect administrators can enhance the security of their account from the Administration tab.
Click Administration > Account > More Settings.
Select Requires SSL Connection (RTMPS), so Adobe Connect enforces the use of RTMPS protocol.
Select Enable Enhanced Security, to force Web Services APIs to use secure (HTTPS) connection and generate new session identifier after successful login.
Note: Adobe recommends checking Enhanced Security option.
Follow the steps below:
1. After you authenticate, the following cookies are generated:
2. Call the common-info API to get the CSRF token corresponding to the CSRF cookie (BreezeCCookie).
3. Send all subsequent HTTP GET API calls that change state with the BreezeCCookie as a cookie and a OWASP_CSRFTOKEN. For example:
https://\[SERVER_URL\]/api/xml?action=\[state changing action\]&........&OWASP_CSRFTOKEN=[token_extracted_above]
4. For integrations that call single or multiple XML APIs via a single HTTP POST method, send the OWASP_CSRFTOKEN (along with the BreezeCCookie CSRF cookie), as shown below:
<actions mode='...' OWASP_CSRFTOKEN=[token_extracted_above]>