author Lars Wirzenius <liw@liw.fi> 2018-06-09 15:10:51 +0300
committer Lars Wirzenius <liw@liw.fi> 2018-06-09 15:10:51 +0300
commit 3243f17c17fb3a3daee5c6c2a336674bd26e33c1 (patch)
tree 4674d9e8bee7cc8f0bd9e677a361ec7d78a07bd0 /architecture.mdwn
parent d4118947149d3a53ec43c5906f8754cb8f28a2af (diff)
Change: clarify access tokens in the security section
Diffstat (limited to 'architecture.mdwn')
-rw-r--r-- architecture.mdwn 5
1 files changed, 5 insertions, 0 deletions
diff --git a/architecture.mdwn b/architecture.mdwn
index fcbc73f..1e259b4 100644
--- a/architecture.mdwn
+++ b/architecture.mdwn
@@ -339,6 +339,11 @@ All APIs are provided over TLS only. Access tokens are signed using public
key encryption and the public part of the signing keys is provided
to all API providers at deployment time.
+The access tokens contain the identity of the API client, and a list
+of "scopes", which define what the bearer of the token can do. Each
+API call has its own scope (HTTP method, plus path component of the
+URL).
+
Getting an access token
-----------------------------------------------------------------------------
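
Review bot: The added sentence "Each API call has its own scope (HTTP method, plus path component of the URL)" does not say how the method and path are combined into a scope value, nor that an API provider must refuse a call when the token's scope list lacks the scope for that call. Suggest adding one example scope for a concrete call, plus a sentence stating that the provider verifies the token signature and checks for the required scope before acting on the request. Since the paragraph calls the holder "the bearer of the token", it would also help to state here that anyone holding the token gets those scopes, which is why the preceding context insists on TLS only.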