OpenEdge REST Management Agent is a Web application, just as the REST Web application. Therefore, the security configurations for a REST Management Agent and a REST Web application are the same.
OpenEdge supplements the Java container's security with the industry recognized Spring security framework. Spring security is a customizable authentication and access-control framework. It is one of the industry standards for securing Spring-based applications. The Spring security configurations available to you for securing the RESTful web-services developed in OpenEdge are described in
Security configuration models.