A to Z Sky Operating System / Microservice Chassis Framework
MIT License
213
stars
29
forks
source link
(API access, API security)::Internal service api auth question - can we add a long-term bearer(or another scheme) for access by internal services? What tokens should internal services use? #796
Can service tokens have client IP restriction policy so if the token is stolen it can not be used outside of internal network.
We can also use OAuth STS, the question is- do we need such complexity for internal service access?