htwkmooc/poseidon
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Change authorization header key (#6)

Browse Source 
* Change authorization header key

as the use of headers starting with X- has been deprecated in RFC6648.

* Update configuration.example.yaml

Co-authored-by: Sebastian Serth <MrSerth@users.noreply.github.com>
This commit is contained in:
Maximilian Paß
2021-10-04 12:23:41 +02:00
committed by GitHub
parent b530c58ee8
commit 9d7e59df36
3 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docs/security.md
View File

@ -10,12 +10,12 @@
The API supports authentication via an HTTP header. To enable it, specify the `server.token` value in the `configuration.yaml` or the corresponding environment variable `POSEIDON_SERVER_TOKEN`.
Once configured, all requests to the API, except the `health` route require the configured token in the `X-Poseidon-Token` header.
Once configured, all requests to the API, except the `health` route require the configured token in the `Poseidon-Token` header.
An example `curl` command with the configured token being `SECRET` looks as follows:
```bash
$ curl -H "X-Poseidon-Token: SECRET" http://localhost:7200/api/v1/some-protected-route
$ curl -H "Poseidon-Token: SECRET" http://localhost:7200/api/v1/some-protected-route
```
### Nomad