PeopleSoft Integration Broker (IB) Security

Securing the PeopleSoft Integration Broker (IB) ensures the security of messaging both within PeopleSoft applications and among third-party systems. The following are several of the key tasks that Integrigy performs during our PeopleSoft security configuration assessments - take a look today at your settings:

  • Ensure all inbound requests are required to use Secure Socket Layer security/Transport Layer Security (SSL/TLS)
  • Ensure that the default the PSKEY  password has been changed - The PSKEY is keystore contains all root and node certificates used by the Integration Gateway and PIA. Using the default or weak password is not best practice.
  • Ensure the IB node ANONYMOUS is appropriately privileged.  If IB connections do not specify a node name and credentials, IB will try to use the ANONYMOUS node and the “default user ID” tied to that node. This default user must not be a highly privileged user and should be granted the least number of privilege possible.
  • Review all other nodes for permissions appropriate for the business services supported by the node. Best practice is to use a unique UserID for each node that only has appropriate permissions to only to the required objects or related sets of operations.

The following attributes are also reviewed that govern IB activity :

Integration Broker Profile Values





IB Profile Status. If enabled, IB will show performance information.

For production or Internet facing set to off.


Enables logging


For production or Internet facing set to off.


Log Level  (if logging is enabled)

1= Standard gateway exception errors.

  1. 2 = All errors and warnings (Default.)
  • 3 = Errors, warnings and important information.
  • 4 = Errors, warnings, important and standard information.
  • 5= Errors, warnings important, standard and low importance information

Default: 2


Checks for recursion within messages (number of levels) to ensure that messages do not reference themselves.

Value between 3 and 50

Default: 20


Determines if Master processing returns statistics in the Output Information section after a Post.

For production or Internet facing set to off.


Pre-848 Tools Release

Default is N


By default, only one domain may be active in the Integration Broker system. However, PeopleSoft provides the option to enable the activation of multiple domains.

Off unless required.


Determines if the application server URL for a synchronous slave template uses the application server IP address:  e.g. URL format from <machine name>:<jolt port> to IP address



If you have questions, please contact us at

Michael A. Miller, CISSP-ISSMP, CCSP


PeopleSoft Database Security

PeopleSoft Security Quick Reference

 Share this post