The key to Harmony is its use of IDs and shared secrets (passwords). IDs are used by both the website and the MIS system to communicate, assure proper routing and delivery, and ensure the veracity and integrity of the information moving between them.

The web server generates an ID and shared secret by which it identifies incoming information from the MIS system. This ID serves two purposes. First, it guarantees that information coming in to the web server finds its way to the right WS4P website. Then, when combined with the shared secret, it allows the web server to verify that the information coming in is valid and correct.

In the same way, the website is also assigned a unique ID and shared secret, which the MIS system uses to deliver information and to ensure the veracity of the information returning from the web.

The <Header> of all cXML transactions between the website and MIS system communicates this information.

• The domain name and <Identity> used in the <To> <Credential> ensure proper delivery of the cXML data going out.
• The same information in the <Sender> tag, along with its <SharedSecret>, verifies the authenticity of that data for the recipient.

Here's an example of how a typical header looks:

    <Header>
        
        <From>        
            <Credential domain="ws4p">
                <Identity>2358</Identity>
            </Credential>
        </From>
        
        
        <To>        
            <Credential domain="Test MIS">
                <Identity>MIS2358</Identity>
            </Credential>
        </To>
        
        <Sender>
            <Credential domain="ws4p">
                <Identity>2358</Identity>
                <SharedSecret>MyPassword</SharedSecret>
            </Credential>
        </Sender>

    </Header>