Jobserver authentication levels

The Jobserver service handles customer data to, for example, perform profiling on it or ingest data into Collibra Data Intelligence Platform. As this is sensitive data, we have to make sure that the communication with the Jobserver is as secure as possible. This section provides more information about the authentication levels available at the Jobserver configuration.

The Jobserver service supports three authentication levels.

Authentication level	Description
MUTUAL	Mutual authentication or two-way authentication is the authentication system where the two parties authenticate each other during their handshake. We only support certificate based mutual authentication, not username/password-based.
SERVER	Server authentication is the authentication system where the client authenticates the server identity but not the other way around. Warning For security reasons, do not use this level when you are using an on-premises Jobserver and a Collibra Data Intelligence Platform environment. We only support certificate based server authentication, not username/password-based.
NONE	No authentication, no encryption. This is plain HTTP communication. Warning This is an insecure connection, your data can be exposed.

Authentication level

Description

MUTUAL

Mutual authentication or two-way authentication is the authentication system where the two parties authenticate each other during their handshake.

We only support certificate based mutual authentication, not username/password-based.

SERVER

Server authentication is the authentication system where the client authenticates the server identity but not the other way around.

Warning For security reasons, do not use this level when you are using an on-premises Jobserver and a Collibra Data Intelligence Platform environment.

We only support certificate based server authentication, not username/password-based.

NONE

No authentication, no encryption. This is plain HTTP communication.

Warning This is an insecure connection, your data can be exposed.

No authentication level

If you don't set an authentication level, you communicate with the Jobserver via an unsecure connection, using the HTTP protocol. This authentication level should only be used when the Jobserver service runs in the same trusted network segment as the Data Governance Center service. But even when both services run in the same network segment, we recommend to avoid this authentication level as malicious software or network security breaches could still expose your data.

Server authentication

If you select server authentication, the client party (DGC service) authenticates the server party (Jobserver). If the authentication succeeds, the DGC service is certain that it communicates with the selected Jobserver service.

Mutual authentication

If you select mutual authentication, both parties (DGC and Jobserver services) authenticate each other at the same time. If the authentication succeeds, both parties are certain about each other's identity. This is the most secure authentication level and is therefore the recommended authentication level for the Jobserver service.

For more detailed information about the mutual authentication between the Jobserver and DGC service, see Mutual authentication between Jobserver and DGC service.