What's the distinction between the shared secret and bearer approaches for Panther HTTP log sources?
Panther supports several authentication options to provide flexibility in how to set up a Panther HTTP log source based on your operational preferences and security posture. The choice between these methods can depend on your specific security needs, the ease of token/credential management, and integration capabilities with your existing systems.
From a security perspective, both the shared secret and bearer token methods are secure. That said, bearer tokens may offer some additional security features, such as the ability to easily invalidate tokens without changing the underlying credentials.
• Shared Secret: In the shared secret method, the user provides a value, which is then used as the secret for HTTP requests. This approach is generally straightforward and secure as long as the secret is kept confidential and is sufficiently complex.
• Bearer Token: The bearer token approach uses a token for authentication, which is included in the HTTP headers. This approach may offer more control over token management (such as expiration and revocation), making it potentially more flexible than using a shared secret.
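The distinction above, modelled from the receiving side as an added example (not Panther's code or API): one static shared secret compared in constant time, versus bearer tokens that can expire or be revoked individually. The header name `x-shared-secret`, the token values and the in-memory token store are constructed assumptions.

```python
import hmac
import time

# Constructed sample values; a real deployment would load these from a secret store.
SHARED_SECRET_HEADER = "x-shared-secret"   # hypothetical header name
SHARED_SECRET = "constructed-example-secret-value"

# Bearer tokens: each token carries its own expiry and can be revoked
# individually without touching any other credential.
TOKENS = {
    "tok-constructed-A": {"expires": 2_000_000_000, "revoked": False},
    "tok-constructed-B": {"expires": 1_000, "revoked": False},  # already expired
}

def _get(headers, name):
    """Case-insensitive header lookup."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value
    return None

def check_shared_secret(headers):
    """Accept when the configured header carries the one static secret."""
    supplied = _get(headers, SHARED_SECRET_HEADER) or ""
    # compare_digest avoids leaking the match position through timing.
    return hmac.compare_digest(supplied.encode(), SHARED_SECRET.encode())

def check_bearer(headers, now=None):
    """Accept when 'Authorization: Bearer <token>' names a live token."""
    now = time.time() if now is None else now
    value = _get(headers, "Authorization") or ""
    scheme, _, token = value.partition(" ")
    if scheme.lower() != "bearer" or not token:
        return False
    # Scan every entry so lookup time does not reveal which token matched.
    record = None
    for known, meta in TOKENS.items():
        if hmac.compare_digest(known.encode(), token.strip().encode()):
            record = meta
    return record is not None and not record["revoked"] and now < record["expires"]

def revoke(token):
    """Invalidate one token; the shared-secret equivalent is rotating the secret."""
    if token in TOKENS:
        TOKENS[token]["revoked"] = True
```

With the shared secret, cutting off one sender means rotating the secret for every sender that uses it; with bearer tokens, `revoke` removes a single token and leaves the others valid.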
For more information about the HTTP sources' configuration and authentication methods, check our documentation page.