-
ceneterlized authentication and authorization server.
-
simple interface to configure clients permision.
-
permision changes should propagated immediately e.g. api_rate_limit
-
no username/password send throw wires, tokens instead
-
token is generated using secret keys, which change automtically. whithout effecting any client
-
should use the right application and have the right permission to do anything
-
no need to hit auth server everytime you need to check the permission of your client rfc7519
-
no more than 25ms for doing authentication, is it to low?
-
easy use solution, proivide shared libraries(based in your programming language to use)
-
features:
-
view as - pretending to be another user.
Last active
November 23, 2016 11:44
-
-
Save waleedsamy/897e20112799fb94e15efe6745eb32df to your computer and use it in GitHub Desktop.
auth and authz
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment