Add BearerSecurityScheme
to Thing Descriptions for Server-Sent Events
#3078
Labels
BearerSecurityScheme
to Thing Descriptions for Server-Sent Events
#3078
The only security scheme currently mentioned in Thing Descriptions is the
OAuth2SecurityScheme
, which assumes that tokens will be provided in anAuthorization
header.Because the EventSource and WebSocket browser APIs to do not allow explicitly setting an
Authorization
header, the the gateway also supports providing a JWT in a query string.This could be communicated to WoT Consumers by including the
BearerSecurityScheme
in the security metadata of Thing Descriptions, within
set toquery
andname
set tojwt
.The text was updated successfully, but these errors were encountered: