[REST] secret must be optional in a Subscription

gs1 / EPCIS

Draft files being shared for EPCIS 2.0 development

Other

20 stars 7 forks source link

[REST] secret must be optional in a Subscription #389

Closed jmcanterafonseca-iota closed 2 years ago

jmcanterafonseca-iota commented 2 years ago

as there could be asymmetric cryptography used where no secret is needed

mgh128 commented 2 years ago

Option client request (in payload): signatureToken (primarily used for symmetric signatures such as HMAC-SHA256) Server response to webhook calls: GS1-signature

Add examples in OpenAPI spec for both symmetric and asymmetric signatures

domguinard commented 2 years ago

Done