When an integration service is accessed by a JavaScript client API, you can ensure the integrity and confidentiality of the data that is sent between the integration service and the JavaScript application that calls the integration service.
You can secure a SOAP/HTTP binding by using WS-Security (see WS-Security), but this mechanism is not available for use by the JavaScript client API.
If you want complete end-to-end security between the web browser and the integration service, you must also secure the connection to the WebSphere® MQ queue manager. For more information about securing WebSphere MQ queue managers, search for Data integrity in the WebSphere MQ product documentation.
To secure the data that is sent between an integration service and a JavaScript application that calls the integration service, you must complete the following tasks: