jackson icon indicating copy to clipboard operation
jackson copied to clipboard

Published 20 hours ago • verified publisher icon boxyhq

mTLS auth as an alternative to API Key auth

Open deepakprabhakara opened this issue 3 years ago • 4 comments

Is your proposal related to a problem?

We should support mTLS as an auth mechanism for API calls.

Additional context

mTLS ensures that the parties at each end of a network connection are who they claim to be by verifying that they both have the correct private key. The information within their respective TLS certificates provides additional verification.

Further details

We currently use API keys to authenticate protected requests. We need to offer mTLS as an alternative auth mechanism, this will allow our customers to set up internal communication between their services and Jackson.

If possible both auth mechanisms should work (shouldn't be a choice between mTLS or API Keys).

deepakprabhakara avatar Apr 27 '22 21:04 deepakprabhakara

Hi, is there any elaboration and detail about this enhancement? I am interested to help with this. Thank you in advance!

shevalda avatar Oct 02 '22 13:10 shevalda

That's great @shevalda, here's a Cloudflare article with more details - https://www.cloudflare.com/en-gb/learning/access-management/what-is-mutual-tls/. We want to support mTLS auth in addition to the API key based auth we currently support.

deepakprabhakara avatar Oct 03 '22 13:10 deepakprabhakara

@gitstart-boxyhq One more issue is ready, many thanks

deepakprabhakara avatar Nov 01 '22 19:11 deepakprabhakara

Hi @deepakprabhakara!

I would like to pick this up. Could you assign me the issue?

sp6370 avatar Oct 24 '23 03:10 sp6370