Centrify Privileged Access Service version 20.2 enforces a required value in the HTTP headers of every request to the Centrify Platform REST APIs. This is an added security measure to prevent cross-site scripting.
Who should be concerned with this?
Customers using the SIEM integration tool, Centrify Syslog Writer. Customers not familiar with Syslog Writer can see the documentation page for additional information.
Customers using the REST APIs without the recommended value in the HTTP header.
What is the impact, if changes are not made?
Centrify Syslog Writer will fail with a “Redrock/Query request to tenant was unsuccessful” error.
Centrify REST API calls will fail with an “HTTP 401 Unauthorized Access” error.
What customer action is needed?
Update to the new version of Centrify Syslog Writer found on the Centrify Download Center. It can be found by clicking the TOOLS AND PLUGINS tab, then looking under the SIEM integrations section; you may need to click “LOAD MORE” to see it. Note that this new version will be available when 20.2 is released.
Update your REST API code to include the following HTTP header: “X-CENTRIFY-NATIVE-CLIENT: True”. For more information, refer to the “Setting HTTP headers” section on our Centrify Developers webpage.
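As an added example (not Centrify's own code), the following Python client sends every Centrify Platform REST API call with the required X-CENTRIFY-NATIVE-CLIENT header, offers a check for existing code that may omit it, and reports an HTTP 401 the way this notice describes. The tenant URL, bearer token, the RedRock/query path and its "Script" body field are assumptions for illustration, not taken from this page.

```python
import json
import urllib.error
import urllib.request

# Header and value that 20.2 enforces, as given in this notice.
NATIVE_CLIENT_HEADER = "X-CENTRIFY-NATIVE-CLIENT"
NATIVE_CLIENT_VALUE = "True"


def build_request(tenant_url, path, token, payload):
    """Build a POST to the tenant REST API carrying all headers 20.2 expects.

    tenant_url, path and token are caller-supplied assumptions for illustration.
    """
    body = json.dumps(payload).encode("utf-8")
    url = f"{tenant_url.rstrip('/')}/{path.lstrip('/')}"
    req = urllib.request.Request(url, data=body, method="POST")
    req.add_header("Content-Type", "application/json")
    req.add_header("Authorization", f"Bearer {token}")
    # Omitting this header on a 20.2 tenant with Origin Validation on yields HTTP 401.
    req.add_header(NATIVE_CLIENT_HEADER, NATIVE_CLIENT_VALUE)
    return req


def missing_native_client_header(headers):
    """Return True if a header dict lacks the enforced header (case-insensitive).

    Intended for auditing existing REST API code before the 20.2 upgrade.
    """
    return not any(k.upper() == NATIVE_CLIENT_HEADER and str(v).lower() == "true"
                   for k, v in headers.items())


def redrock_query(tenant_url, token, script):
    """Run a RedRock query (assumed path and 'Script' field) and decode the JSON reply.

    A 401 is re-raised with a hint about the header, since that is the failure
    mode the notice describes for callers that do not send it.
    """
    req = build_request(tenant_url, "RedRock/query", token, {"Script": script})
    try:
        with urllib.request.urlopen(req, timeout=30) as resp:
            return json.load(resp)
    except urllib.error.HTTPError as exc:
        if exc.code == 401:
            raise RuntimeError(
                "HTTP 401 Unauthorized: confirm the request carries "
                f"{NATIVE_CLIENT_HEADER}: {NATIVE_CLIENT_VALUE}") from exc
        raise
```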
What alternative actions are there?
Customers who need additional time to update the Centrify Syslog Writer or change their REST API code can temporarily disable this enhanced security feature on their tenant by going to Settings -> Authentication -> Security Settings and unchecking Origin Validation under API Security. Note that this setting is included in 20.2 and later releases.