commit 763366771f81553fc0590efbb69aa8fe7dfcf857
parent a7fe34e0f05944a9fac9da517d3b207877e8f50e
Author: Martin Schanzenbach <schanzen@gnunet.org>
Date: Mon, 7 Jul 2025 15:27:15 +0200
update merchant API doc with new config option to disable authn
Diffstat:
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/core/api-merchant.rst b/core/api-merchant.rst
@@ -80,7 +80,7 @@ Examples:
https://merchant-backend.example.com/management/instances/$ID
Endpoints to manage own instance:
- https://merchant-backend.example.com/private
+https://merchant-backend.example.com/private
https://merchant-backend.example.com/private/auth
https://merchant-backend.example.com/instances/$ID/private
https://merchant-backend.example.com/instances/$ID/private/auth
@@ -113,6 +113,9 @@ Currently, the ``/private/auth/`` API supports two main authentication methods i
Any API may be accessed using the bearer authentication ``secret-token: $INSTANCE_PASSWORD``.
Notice that this behaviour is deprecated and will be phased out in favor of login tokens.
+For testing, the service may be started with the configuration option ``DISABLED_AUTHENTICATION = YES``
+in section ``[merchant]`` (@since v20).
+
Scopes
^^^^^^
@@ -1188,7 +1191,7 @@ Setting up instances
.. ts:def:: InstanceAuthConfigTokenOLD
- // @deprecated v19
+ // @deprecated since v19
interface InstanceAuthConfigTokenOLD {
// The API is accessible through API tokens.
// Tokens are retrieved from the /private/token
@@ -1202,7 +1205,7 @@ Setting up instances
.. ts:def:: InstanceAuthConfigExternal
- // @deprecated v20
+ // @deprecated since v20
interface InstanceAuthConfigExternal {
// The mechant backend does not do
// any authentication checks. Instead an API
