CXML-SHARED-SECRET
cXML SharedSecret is the <SharedSecret> element of a cXML <Credential> that carries the shared password authenticating the <Sender> emitter to the destination.
Definition
The <SharedSecret> is a string agreed out-of-band between the two partners. It serves as application-level authentication: if the receiver computes or compares a different secret it rejects the message with <Status code="401">. The value travels in clear text inside the XML, mandating HTTPS transport.
Origin
Present since cXML 1.0. With the rollout of OAuth 2.0 and X.509 certificates in Ariba Network, its usage is declining but remains common in legacy integrations.
Use
When configuring a supplier in Ariba, a SharedSecret is declared on the server side. Every received message must carry this secret in <Sender><Credential><SharedSecret>...</SharedSecret></Credential></Sender>. Periodic rotation is a security best practice.
Related terms
- cXML — the parent standard.
- cXML Credential — the container.
- cXML Sender — the authenticated context.
- TLS 1.3 — recommended secure transport.