Open Closed

Secure Web API using API Key Authentication – HMAC Authentic #5600

astutedev created ... issues/265

The link above goes over this pretty well, has this been integrated? Key/secret with RSA-256 validation would be fine too. I ask, as this is pretty common. Most of the 3rd party services I have to integrate use this type of security. Same with AWS, Twilio, etc. and any service that would be expected to integrate to our API would likely expect this rather than user/pw login and then using token responses from that. That said, tokens obviously works good too. There are some good benefits as to why using the key/secret hmac though.

Thankfully, I saw the example someone had given, which is good, though I figured I'd ask in case someone else has done this, and if so, if they have a full example on this? The one he gives certainly goes over most of it, but would be a lot easier to see in the full example in a aspnetzero and/or aspnetboilerplate. It also is prudent to ask as if so, it would save me some time :)

Thanks in advance for any responses!

3 Answer(s)
  • 0
    ismcagdas created

    @AstuteDev it is still not implemented, probably we forgot about this issue. But we have a related issue in ABP's v3.9 ... ssues/3797 and we can consider ... issues/265 while working on this issue.

  • 0
    astutedev created

    Yeah, if you could consider adding that in, that would be great! Let me know if you need any additional info in order to make a decision in adding this as part of 3.9 listed in #3797. Thanks.

  • 0
    byeniceri created

    When will this feature will be implemented? Is there any roadmap? We need key/secret authentication for our customers