JWT: Encrypting user credentials and secrets in yaml config.

ecadlabs / signatory

Signatory - A Tezos Remote Signer for signing block-chain operations with private keys using YubiHSM, AWS, GCP, Ledger's or Azure Key Vault

https://signatory.io

Apache License 2.0

61 stars 18 forks source link

JWT: Encrypting user credentials and secrets in yaml config. #352

Closed AbineshECAD closed 1 year ago

AbineshECAD commented 1 year ago

Sensitive JWT configuration data should be secured by providing options to store them in a secured cloud vault or locally.

Related issue: #341

stephengaudet commented 1 year ago

agree 100%, however, as discussed in planning, we can deliver the JWT MVP without vaulting the credentials and secret. closing this issue as discussed.