Security

Cross-platform symmetric encryption offered by the libraries
All of our officially supported Ably client libraries support cross-platform symmetric encryption.  Symmetric encryption is defined as an algorithm for cryp...
Fri, 4 Mar, 2016 at 3:01 AM
DOS attack prevention
We take denial of service attacks and other security exploits very seriously at Ably and have thus designed our systems and processes to ensure we can deal ...
Tue, 10 Mar, 2015 at 11:49 PM
Token and Basic authentication
Both the REST API and the Realtime API use common authentication mechanisms and support Token and Basic authentication. This is based on having a se...
Thu, 3 Dec, 2015 at 12:13 PM
Authenticated and identified clients
The following terminology will help you to understand what authentication, authorisation and identification is in the context of the Ably service. A...
Thu, 21 Apr, 2016 at 6:19 PM
Are messages sent to and received from Ably sent securely using TLS?
Yes, by default all of our client libraries use TLS when communicating with Ably over REST or via our Realtime transports such as Websockets.  We do not cha...
Fri, 4 Mar, 2016 at 3:02 AM
Using capabilities to manage client access privileges on channels
Ably provides fine-grained permissions for all tokens that are generated, allowing the token issuer to control exactly what operations a client can perform....
Fri, 22 Apr, 2016 at 12:10 PM
Can a client emulate any client ID i.e. authenticate using a wildcard client ID?
Typically, when using the recommend token authentication scheme for clients, a client ID is assigned in one of the following ways: An explicit...
Thu, 11 Feb, 2016 at 10:44 PM
Recommendations for incrementally authorising new capabilities
Ably's auth uses a system of immutable tokens. A token is needed for a client to connect to the Ably service, which it obtains from yo...
Tue, 18 Oct, 2016 at 11:17 PM
"The security certificate has been revoked" error connecting to Ably
A few customers have been seeing 'security certificate revoked' errors connecting to Ably. This is due to a GlobalSign (our SSL certificat...
Tue, 18 Oct, 2016 at 5:46 PM
Do you support certificate and/or public key pinning for TLS connections?
This is not a feature we offer by default for customers as the Ably platform needs to reserve the right to change certificates for a number of reasons, su...
Mon, 7 Nov, 2016 at 12:04 PM