@waleedsamy
Last active November 23, 2016 11:44
auth and authz
  • centralized authentication and authorization server.

  • simple interface to configure client permissions.

  • permission changes should be propagated immediately, e.g. api_rate_limit

  • no username/password sent over the wire, tokens instead

  • tokens are generated using secret keys, which change automatically, without affecting any client

  • a client should use the right application and have the right permission to do anything

  • no need to hit the auth server every time you need to check the permissions of your client (JWT, RFC 7519)

  • no more than 25ms for doing authentication, is it too low?

  • easy-to-use solution, provide shared libraries (based on the programming language you use)

  • features:

  • view as - pretending to be another user.
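
An added sketch (not part of the original gist) of the token and key-rotation requirements above: an RFC 7519 token signed with HS256 whose header names the signing key in `kid`, so a service can check signature, expiry and permission locally while old and new secrets overlap. The function names, the `permissions` claim and the key values are assumptions made for this example.

```python
import base64, hashlib, hmac, json, time

def _b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _b64d(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(key, signing_input):
    return _b64e(hmac.new(key, signing_input.encode(), hashlib.sha256).digest())

def issue(keyring, kid, claims):
    """Auth server: sign claims with the key named by `kid` (HS256)."""
    header = {"alg": "HS256", "typ": "JWT", "kid": kid}
    body = _b64e(json.dumps(header).encode()) + "." + _b64e(json.dumps(claims).encode())
    return body + "." + _sign(keyring[kid], body)

def verify(keyring, token, permission, now=None):
    """Service: check signature, expiry and permission locally, no network call."""
    now = time.time() if now is None else now
    try:
        head_b64, claims_b64, sig = token.split(".")
        header, claims = json.loads(_b64d(head_b64)), json.loads(_b64d(claims_b64))
    except ValueError as exc:
        raise PermissionError("malformed token") from exc
    if not isinstance(header, dict) or not isinstance(claims, dict):
        raise PermissionError("malformed token")
    if header.get("alg") != "HS256":   # refuse "none" and any unexpected algorithm
        raise PermissionError("unsupported alg")
    kid = header.get("kid")
    key = keyring.get(kid) if isinstance(kid, str) else None
    if key is None:                    # unknown or retired key
        raise PermissionError("unknown kid")
    expected = _sign(key, head_b64 + "." + claims_b64)
    if not hmac.compare_digest(expected.encode(), sig.encode()):
        raise PermissionError("bad signature")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        raise PermissionError("expired")
    perms = claims.get("permissions")  # hypothetical claim name for this sketch
    if not isinstance(perms, list) or permission not in perms:
        raise PermissionError("missing permission")
    return claims

if __name__ == "__main__":
    # Constructed keys: k1 is the old secret, k2 the current one after rotation.
    keyring = {"k1": b"constructed-old-secret", "k2": b"constructed-new-secret"}
    old = issue(keyring, "k1", {"sub": "client-a", "permissions": ["read"], "exp": time.time() + 300})
    print(verify(keyring, old, "read")["sub"])   # old token still accepted during overlap
```

Because verification never contacts the auth server, a permission change only takes effect when the token expires, so the `exp` lifetime bounds how stale a client's permissions can be.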
