
Change the format of access tokens

Open trustin opened this issue 9 months ago • 0 comments

Our access tokens always start with appToken-. appToken is a generic term that doesn't tell what service the token belongs to. It'd be better for security scanning if it starts with the prefix that explicitly signifies it's for Central Dogma. For example, we could make our tokens start with dogma? We could do some research on the format of popular services' access tokens, such as GitHub.

Other changes we might want to introduce as well:

  • Use _ instead of -
  • More entropy
  • Backward compatibility (i.e. allow using the old tokens)

trustin Nov 13 '23 03:11
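
An added sketch of the token format proposed in the issue above, with a matching secret-scanner check; it is not Central Dogma code. The dogma_ prefix and the _ separator follow the issue's suggestion, while the 256-bit hex body, the CRC32 suffix (a check of the kind GitHub's prefixed tokens carry so that scanners can discard false positives offline) and all function names are assumptions.

```python
import re
import secrets
import zlib

# Assumed layout (not Central Dogma's actual format):
#   dogma_ + 64 hex chars (32 random bytes) + 8 hex chars (CRC32 of the body)
NEW_PREFIX = "dogma_"        # service-specific prefix suggested in the issue
LEGACY_PREFIX = "appToken-"  # prefix the issue says current tokens use
SECRET_BYTES = 32            # 256 bits of entropy (assumed size)

# A service-specific prefix plus a fixed length gives scanners a precise pattern.
NEW_TOKEN_RE = re.compile(r"\bdogma_[0-9a-f]{72}\b")


def _checksum(body: str) -> str:
    """CRC32 of the random body as 8 lowercase hex characters."""
    return format(zlib.crc32(body.encode("ascii")), "08x")


def generate_token() -> str:
    """Create a new-format token from the OS CSPRNG."""
    body = secrets.token_hex(SECRET_BYTES)
    return NEW_PREFIX + body + _checksum(body)


def classify(token: str) -> str:
    """Return 'new', 'legacy' or 'invalid' for a presented token string."""
    if NEW_TOKEN_RE.fullmatch(token):
        body, check = token[len(NEW_PREFIX):-8], token[-8:]
        # The checksum is not a secret; it only rejects typos and look-alikes.
        return "new" if check == _checksum(body) else "invalid"
    if token.startswith(LEGACY_PREFIX) and len(token) > len(LEGACY_PREFIX):
        return "legacy"  # backward compatibility: old tokens remain usable
    return "invalid"


def scan(text: str) -> list[str]:
    """Find new-format tokens in text, dropping checksum mismatches."""
    return [m for m in NEW_TOKEN_RE.findall(text) if classify(m) == "new"]


if __name__ == "__main__":
    token = generate_token()
    # Constructed sample input: a config line holding a freshly generated token.
    print(scan(f'CD_TOKEN="{token}"') == [token])
```

The format check in classify() only identifies the token family; whether a token is actually valid is still decided by the server's token store.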