You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hey - brilliant gem - was initially looking at Doorkeeper but was extremely pleased to find this one as its precisely what we needed.
I do have a use case I wanted to ask a question about, though. We need to authenticate a partner on a machine-to-machine type basis and my thinking was the best way to do this would be using a public/private key. I notice it says
Currently API Guard supports only HS256 algorithm for cryptographic signing
on the readme, but wanted to know if there was any material reason such a security, non compatibility with some of the code? I'm hoping it's more that you haven't had the need to implement it?
Hey @geoffw8, thanks for opening this suggestion and sorry for the delay in response. There shouldn't be any compatibility issue in adding the public/private key type of algorithm. Just thought of having one algorithm initially and then adding one by one in future based on the gem usage.
Hey - brilliant gem - was initially looking at Doorkeeper but was extremely pleased to find this one as its precisely what we needed.
I do have a use case I wanted to ask a question about, though. We need to authenticate a partner on a machine-to-machine type basis and my thinking was the best way to do this would be using a public/private key. I notice it says
on the readme, but wanted to know if there was any material reason such a security, non compatibility with some of the code? I'm hoping it's more that you haven't had the need to implement it?
Having had a poke around at the code it looks (potentially) as simple as extending this class: https://github.com/Gokul595/api_guard/blob/66937cc56aaa62af987751e4b95fc673ab82a7fd/lib/api_guard/jwt_auth/json_web_token.rb - is that right?
Thanks in advance!
The text was updated successfully, but these errors were encountered: