You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
By default communication is done over http without any authentication and authorization. This ok-ish for running locally where you trust the users on the system.
It would be nice if the web service could run on https with either self-signed certs or signed by trusted certificate authority like Let's encrypt.
To make sure the server can trust the client and vice versa we could use a shared secret like an API key or JWT.
See https://spec.openapis.org/oas/latest.html#security-scheme-object
The shared secret could be passed to the server using an environment variable.
The text was updated successfully, but these errors were encountered:
By default communication is done over http without any authentication and authorization. This ok-ish for running locally where you trust the users on the system.
It would be nice if the web service could run on https with either self-signed certs or signed by trusted certificate authority like Let's encrypt.
To make sure the server can trust the client and vice versa we could use a shared secret like an API key or JWT.
See https://spec.openapis.org/oas/latest.html#security-scheme-object
The shared secret could be passed to the server using an environment variable.
The text was updated successfully, but these errors were encountered: