OpenSearch Security


Every request against the OpenSearch interface is authenticated with a 40 characters long random token. This token is network specific and therefore highly sensitive and should be kept confidential. A user with access to this token can access all questions although the user might be already deactivated within Starmind.{TOKEN}


As the OpenSearch is authenticated with an access token, it is important to encrypt every request with TLS/SSL (HTTPS) to limit the possibility of violating confidentiality.