This commit adds secure API keys to Sensu, breaking compatibility with Sensu 6.x API keys. API keys are no longer stored in plaintext. Instead, their salted hash is stored, and after the initial key grant, the key cannot be retrieved from Sensu.
The sensuctl api-key grant command works the same way as before, but now responds slightly differently, and also includes a uniquely chosen name for the API key.
API keys can also now be created with sensuctl create with a supplied hash value, when migrating keys between clusters.
This commit adds secure API keys to Sensu, breaking compatibility with Sensu 6.x API keys. API keys are no longer stored in plaintext. Instead, their salted hash is stored, and after the initial key grant, the key cannot be retrieved from Sensu.
The sensuctl api-key grant command works the same way as before, but now responds slightly differently, and also includes a uniquely chosen name for the API key.
API keys can also now be created with sensuctl create with a supplied hash value, when migrating keys between clusters.