We’re excited to announce that mutual Transport Layer Security (mTLS) credentials are now generally available in Integration Manager. This new feature enables stronger, certificate-based client authentication—designed to meet the highest standards of security and credential management for financial institutions and service providers using the Integration Manager.
What is mTLS?
Mutual TLS (mTLS) is a method of securely transmitting data where both the client and the server present and verify digital certificates before exchanging any information. It’s like a two-way handshake backed by PKI (Public Key Infrastructure), ensuring both parties are who they claim to be.
In contrast to OAuth-based client secrets, which rely on tokens and keys, mTLS uses cryptographic certificates to prove identity. It significantly reduces the risk of unauthorized access and man-in-the-middle attacks.
What’s New?
Integration Manager now supports mutual TLS (mTLS), adding another layer of trust and verification to your service communications. While traditional TLS ensures your system is authenticated, mTLS goes a step further—authenticating the client as well.
Service Principals are a new credential type on the PortX platform and can now be assigned mTLS credentials in Integration Manager. This allows only verified clients, such as banking cores or fintech partners, to access your APIs.
Secure Access in Just Three Easy Steps
Setting up mTLS has historically been a complex and time-consuming task. Now, with Integration Manager, the process is streamlined and user-friendly. By selecting Private Key JWT, you can quickly generate a secure mTLS credential, eliminating the need for manual certificate handling and configuration. From there, generating an access token and securing API access becomes a seamless process, with Integration Manager handling the heavy lifting behind the scenes.
Here’s how easy it is in just three steps:
- Generate a mTLS credential by selecting Private Key JWT.
“Manage Service Principals” screen in the “Secure” module of Integration Manager. - Create the access token from the mTLS credential with a simple combination of requests to the PortX Authorization Server.
- The token’s unique signature and mTLS certificate are automatically validated by the API gateway. Additional access controls—such as roles or scopes—are enforced by the administrator.
How Automated mTLS Benefits PortX Customers
Security and data integrity are non-negotiable. With the rollout of mTLS credentials, Integration Manager makes it easier to meet those expectations—without the operational complexity.
- No extra certificate setup – No need to purchase additional TLS certs or run a Certificate Authority.
- No advanced configurations – mTLS support is native to the PortX platform.
- Simple, enforced security – If a client doesn’t present a valid certificate, they don’t get in. It’s that simple.
These Service Principal certificates are automatically validated by the PortX API Gateway, giving you fine-grained control over which clients can access your APIs—with no manual overhead.
Of course, our standard OAuth (client_secret) credential type is still available for services that don’t require mTLS, so you can choose what best fits your needs.
Want to Learn More?
If you’d like to dive deeper into how PortX builds financial-grade, secure products, or want help enabling mTLS credentials for your organization, reach out to our team. And stay tuned—more powerful updates are on the way.
