OpenSearch Security

Authentication

Every request against the OpenSearch interface is authenticated with a 40 characters long random token. This token is network specific and therefore highly sensitive and should be kept confidential. A user with access to this token can access all questions although the user might be already deactivated within Starmind.

https://app.starmind.com/opensearch/{TOKEN}

Encryption

As the OpenSearch is authenticated with an access token, it is important to encrypt every request with TLS/SSL (HTTPS) to limit the possibility of violating confidentiality.