commit 10ccedeb75c2dd779808412883fb06d19935b0c8 parent 185b4a297b7ccf1da023b2f1b3c1e5419c0e5fa0 Author: Florian Dold <florian@dold.me> Date: Mon, 1 Mar 2021 11:08:31 +0100 merchant backend: change auth API to make it harder to shoot yourself in the foot Diffstat:
| M | core/api-merchant.rst | | | 20 | +++++++++++++++----- |
1 file changed, 15 insertions(+), 5 deletions(-)
diff --git a/core/api-merchant.rst b/core/api-merchant.rst @@ -825,11 +825,21 @@ Setting up instances // Merchant name corresponding to this instance. name: string; - // "Authentication" header required to authorize management access the instance. - // Optional, if not given authentication will be disabled for - // this instance (hopefully authentication checks are still - // done by some reverse proxy). - auth_token?: string; + // Authentication settings for this instance + auth: { + // Type of authentication. + // "external": The mechant backend does not do + // any authentication checks. Instead an API + // gateway must do the authentication. + // "token": The merchant checks an auth token. + // See "token" for details. + method: "external" | "token"; + + // For method "external", this field is mandatory. + // It specifies the "Authentication" HTTP header required to + // authorize management to access the instance. + token?: string; + } // The merchant's physical address (to be put into contracts). address: Location;