we want to use WSS-Passwordtype property to REST API.What is the Assertion we can use for it.
WSS Password Type is a SOAP based concept that will outline if the password in the XML payload is plain text or digest. For Digest, you can use the Require Ws-Security Password Digest Credentials which is a one to one relationship of user to assertion as we need to know the password. For Plain text, you can use the WS-Security UsernameToken Profile Credentials.
Another option is you can pull the username and password out of the XML payload with Require XPath Credentials and authenticate it against an identity provider.
Retrieving data ...