syncope-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject [DISCUSS] - Support Bearer authorization for JWT tokens?
Date Fri, 23 Jun 2017 08:34:08 GMT
Hi all,

Larry McCay from Apache Knox (amongst other projects) raised an interesting
point here:

https://twitter.com/lmccay/status/877981989638356992

Rather than use a custom header "X-Syncope-Token" to include the JWT token
when invoking on the Syncope REST services, we might as well instead use
the "Bearer" Authorization header to follow the standards:

https://tools.ietf.org/html/rfc6750

We could support both for 2.0.4 and then switch to only supporting the
Authorization header for 2.1.0.

WDYT?

Colm.


-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message