This repository has been archived by the owner on Apr 11, 2023. It is now read-only.

Signing Internal Requests #13

Closed

markwylde opened this issue Sep 7, 2020 · 1 comment

Contributor

markwylde commented Sep 7, 2020

Internal requests are authentication via an internal secret being added to the header which is matched against the config file.

Instead of passing the secret directly into the header, we should use the secret to create a fingerprint of the:

${request.method}${request.url}${Date.now()}

The text was updated successfully, but these errors were encountered:

Contributor Author

markwylde commented Nov 24, 2020

The concept of internal requests is being removed #96.

markwylde closed this as completed

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.