Are App Services secure?

Using Webservices we have the ability to define custom authentication schemes like Kerberos. App services on the other hand only has username/password authentication. Is this secure enough and how would you argue that for good IT security governance?
1 answers

Secure enough depends on the context of the customer: appservices are technically webservices using username/password authentication. The security officer of your customer should be able to tell you if this is secure enough in their situation.

The focus of appservices is mendix app to mendix app communication, so this will usually be within the firewall. For communication to external parties webservices are more applicable as you have no control over the technology used at the other end.

For many companies, internal communication has other security requirements than external communication, so username/password authentication will be secure enough.