magento / architecture

A place where Magento architectural discussions happen

Stateless tokens #320

Closed AlexMaxHorkun closed 3 years ago

AlexMaxHorkun commented 4 years ago

Problem

Admin/customer API tokens are stored in the DB, thus forcing Magento to contact storage during authentication, which is avoidable; it also requires an additional cron job for clean-up and needs extra protection.

Solution

Encode the information required for authentication into the tokens themselves; do not store them.

Requested Reviewers

@paliarush
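As an added illustration of the proposal (not Magento's code, and written in Python rather than PHP only so it runs stand-alone), the sketch below issues an HMAC-signed (HS256) JWT carrying the user id, user type and expiry, and verifies it with no storage lookup. The secret, claim names (`sub`, `utp`) and TTL are assumptions; the trade-off it makes visible is that a token nobody stores can only be invalidated by its expiry or by rotating the signing secret.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Constructed demo secret; a real deployment reads it from its secret store and rotates it.
SECRET = b"constructed-demo-secret-do-not-use"

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def issue_token(user_id: int, user_type: str, secret: bytes, ttl: int, now: Optional[int] = None) -> str:
    """Put everything the verifier needs into the token itself; nothing is written to storage."""
    now = int(time.time()) if now is None else now
    header = {"alg": "HS256", "typ": "JWT"}
    claims = {"sub": user_id, "utp": user_type, "iat": now, "exp": now + ttl}
    compact = lambda obj: _b64url(json.dumps(obj, separators=(",", ":")).encode())
    signing_input = compact(header) + "." + compact(claims)
    sig = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url(sig)

def verify_token(token: str, secret: bytes, now: Optional[int] = None) -> dict:
    """Authenticate without a DB lookup: check alg, then signature, then expiry."""
    now = int(time.time()) if now is None else now
    h, c, s = token.split(".")  # ValueError on anything but three segments
    header = json.loads(_b64url_decode(h))
    if header.get("alg") != "HS256":  # refuse 'none' and any alg we never issue
        raise ValueError("unexpected alg")
    expected = hmac.new(secret, f"{h}.{c}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(s)):
        raise ValueError("bad signature")
    claims = json.loads(_b64url_decode(c))
    # Expiry is the only revocation a stateless token has: there is no DB row to
    # delete to invalidate it early, so keep ttl short and rotate the secret.
    if claims.get("exp", 0) <= now:
        raise ValueError("expired")
    return claims

def is_valid(token: str, secret: bytes, now: Optional[int] = None) -> bool:
    try:
        verify_token(token, secret, now)
        return True
    except ValueError:  # covers malformed base64/JSON as well as our own rejections
        return False
```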

joni-jones commented 4 years ago

This proposal extends the list of scenarios to be supported by introducing JWT: https://github.com/magento/architecture/pull/188.

AlexMaxHorkun commented 3 years ago

Will be implemented by our team