Base solution for your next web application
Starts in:
01 DAYS
01 HRS
01 MIN
01 SEC
Open Closed

Secure Web API using API Key Authentication – HMAC Authentic #5600


User avatar
0
astutedev created

<a class="postlink" href="https://github.com/aspnetboilerplate/module-zero-forsaken/issues/265">https://github.com/aspnetboilerplate/mo ... issues/265</a>

The link above goes over this pretty well, has this been integrated? Key/secret with RSA-256 validation would be fine too. I ask, as this is pretty common. Most of the 3rd party services I have to integrate use this type of security. Same with AWS, Twilio, etc. and any service that would be expected to integrate to our API would likely expect this rather than user/pw login and then using token responses from that. That said, tokens obviously works good too. There are some good benefits as to why using the key/secret hmac though.

Thankfully, I saw the example someone had given, which is good, though I figured I'd ask in case someone else has done this, and if so, if they have a full example on this? The one he gives certainly goes over most of it, but would be a lot easier to see in the full example in a aspnetzero and/or aspnetboilerplate. It also is prudent to ask as if so, it would save me some time :)

Thanks in advance for any responses!


3 Answer(s)
  • User Avatar
    0
    ismcagdas created
    Support Team

    @AstuteDev it is still not implemented, probably we forgot about this issue. But we have a related issue in ABP's v3.9 <a class="postlink" href="https://github.com/aspnetboilerplate/aspnetboilerplate/issues/3797">https://github.com/aspnetboilerplate/as ... ssues/3797</a> and we can consider <a class="postlink" href="https://github.com/aspnetboilerplate/module-zero-forsaken/issues/265">https://github.com/aspnetboilerplate/mo ... issues/265</a> while working on this issue.

  • User Avatar
    0
    astutedev created

    Yeah, if you could consider adding that in, that would be great! Let me know if you need any additional info in order to make a decision in adding this as part of 3.9 listed in #3797. Thanks.

  • User Avatar
    0
    byeniceri created

    When will this feature will be implemented? Is there any roadmap? We need key/secret authentication for our customers