Inbound and outbound connectivity

The cloud portal supports authorized inbound and outbound connectivity. Except for Rule Designer, all connectivity is API-based.

The types of connectivity use the following security protocols:

  • Basic authentication: cloud user name and password
  • Service credentials: a highly secure, multicharacter ID for connecting client applications
  • SAML security: deferred login to your enterprise security system

The following sections describe the authorized connectivity.

Inbound connectivity

Rule Designer
  • Use a version of Rule Designer that is entitled to connect to the cloud portal. Use basic authentication or SAML security.
  • Rule Designer can synchronize projects to Decision Center in the cloud portal.
  • Rule Designer can deploy to Rule Execution Server in the cloud portal.
Deploying to Rule Execution Server
  • Deploy from Decision Center in an on-premises Operational Decision Manager installation to Rule Execution Server in the cloud portal.
  • Deploy from Decision Center in another cloud service to Rule Execution Server in the cloud portal.
Invocation of decision services
The invocation of decision services requires basic authentication or service credentials.
Invocation of Decision Center API
The invocation of the Decision Center API deployed in the cloud portal requires basic authentication or service credentials.
IP allowlisting
For connectivity from known IP addresses and to avoid unauthorized connections, you can use IP allowlisting on a per-tenant basis. For a client tenant, you provide an IP address range or IP addresses that are authorized to connect to the tenant.

Outbound connectivity

Deploying to another Rule Execution Server
  • From Decision Center in the cloud portal, you can deploy to an external Rule Execution Server by providing the required authentication credentials for the target server.
  • From the Decision Center in the cloud portal, you can deploy to any Rule Execution Server outside the cloud by providing the required basic authentication.
  • In the Operational Decision Manager executable object model (XOM) code, you can use transport layer security to create connections to any external server and invoke any methods. You must ensure that the server is accessible, and that it has the required credentials. The server should have a CA-signed certificate to avoid certificate management. If the server's certificate is self-signed, your XOM code needs to set up a truststore with that certificate.
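
The truststore setup for a self-signed server certificate, described in the last item above, can look like the following. This is an added example, not code from the product: the class name ExternalServiceClient, the resource name /external-server.pem, and the status method are hypothetical, and it assumes the server's certificate is packaged with the XOM as a PEM file on the classpath.

```java
import java.io.InputStream;
import java.net.URL;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

// Hypothetical XOM helper: trusts exactly one self-signed server certificate.
public final class ExternalServiceClient {
    // Assumption: the server certificate (PEM) ships with the XOM under this name.
    private static final String CERT_RESOURCE = "/external-server.pem";
    private static SSLContext cached;

    private ExternalServiceClient() {}

    // Builds, once, an SSLContext whose truststore holds only the packaged certificate.
    static synchronized SSLContext sslContext() throws Exception {
        if (cached != null) return cached;
        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        trustStore.load(null, null); // start from an empty in-memory store
        try (InputStream in = ExternalServiceClient.class.getResourceAsStream(CERT_RESOURCE)) {
            if (in == null) throw new IllegalStateException("Missing " + CERT_RESOURCE);
            Certificate cert = CertificateFactory.getInstance("X.509").generateCertificate(in);
            trustStore.setCertificateEntry("external-server", cert);
        }
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null); // no client key, default randomness
        cached = ctx;
        return ctx;
    }

    // Opens an HTTPS connection that validates the server against the truststore above.
    public static int status(String httpsUrl) throws Exception {
        HttpsURLConnection conn = (HttpsURLConnection) new URL(httpsUrl).openConnection();
        // Set per connection so the JVM-wide default trust settings stay untouched.
        conn.setSSLSocketFactory(sslContext().getSocketFactory());
        conn.setConnectTimeout(5000);
        conn.setReadTimeout(5000);
        try {
            return conn.getResponseCode();
        } finally {
            conn.disconnect();
        }
    }
}
```

The default hostname verification of HttpsURLConnection still applies, so the host name in the URL must match the name in the self-signed certificate. When the certificate is renewed, the packaged PEM file has to be replaced and the XOM redeployed.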