sample-spring-boot-api-service icon indicating copy to clipboard operation
sample-spring-boot-api-service copied to clipboard

Published 20 hours ago verified publisher icon zowe

Self-contained token-based authentication for development and testing purposes

Open plavjanik opened this issue 5 years ago • 0 comments

The goal of this story is to enable developers who are using the SDK to use token-based authentication in their REST API services.

  • The SDK commons library is enhanced to provide a self-contained token functionality that follows the requirements is documented in https://github.com/zowe/sample-spring-boot-api-service/blob/master/zowe-rest-api-sample-spring/docs/api-client-authentication.md#token-based-authentication
  • The token is valid only for the service itself in case of the self-contained implementation
  • The same API can be used for token-based authentication with Zowe APIML provider (ZAAS)

Note:

  • Start simple - no JWT, just cryptographically safe randoms string, initially in-memory, later persisted
  • This is the building block for APIML-based authentication when the basic self-contained provider is replaced by calls to ZAAS just by the means of the API service configuration

Requires #80

plavjanik avatar Nov 18 '19 05:11 plavjanik