Any method to do 2FA when two backend systems communicates via web API?

multi-factor-authentication

Solution 1:

If a password is something the server knows, then a certificate might be something the server has.

Consider protecting your web based API using TLS with mutual authentication where also the client (as the other server is acting as a client here) is authenticated via TLS. This way the password is only ever exchanged if both ends have first authenticated using their certificates.

Related

Is there anything insecure about opening port 80 just to redirect?
Find Bandwidth usage on app engine subdomains mappend on the same service
Ansible display the diff output of a task even if the task failed
got DLR but could not find message or was not interested in for some messages - kannel
How is 10GBASE-T defined for providing compatibility?
NFS: Server says "authenticated mount request", but client sees "access denied"
DPM 2010 has allocated 100% of our storage pool. What are our options?
Cannot set SQL_MODE to Mysql 8
Unable to start free trial and adding billing account [closed]
Windows Server 2019 users become read only [closed]
How to force `ip route get` to ignore a specific device?
How to send a HTTP header on all server blocks in nginx?