You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Suggestions for supporting multiple client applications & API key based authentication
Currently server uses jwt token for authentication of web socket request from the tunnel client.
It would be nice if you use simple API key based authentication , where list of valid API key's can be configured via environment variable.
Multiple API keys can use .
Below example shows a API keys per application.
On the client side
API key & application name are send in the initial WebSocket connection, server will check the API key & app name from the lookup parsed from API_KEYS environment variable. If matches it maintains the Tunnel connection with appname as key
When external clients wants to send request to application , it can pass application name in the URL.
Example : If the tunnel server is running on endpoint https://example.com & a request for app1 & app2 looks as follows https://example.com/app1 https://example.com/app2
Tunnel Server can extract the application name from the URL & lookup TunnelConnection map & route request to proper web socket connection.
The text was updated successfully, but these errors were encountered:
Great , what about using simpler API key's via environment variable for authentication ?, Any comment ?
I made working changes on my fork with API key & app name . on the client side , I am using the profile has the application name . See the details in below link
Hi @madhub Sorry for missing this message. It is great that you have implement it in your fork. It is good to support authorization by app keys. And I would like to support base JWT and app keys.
And it is appreciated if you can send pull request to this project. So we can have more discussion at that PR.
I can raise the pull request for the existing implementation in my fork
However I have only kept API key for simplicity , I don't have JWT in my fork and I have not updated the client side documentation ( readme.md). Is this OK ?
Suggestions for supporting multiple client applications & API key based authentication
Currently server uses jwt token for authentication of web socket request from the tunnel client.
It would be nice if you use simple API key based authentication , where list of valid API key's can be configured via environment variable.
Multiple API keys can use .
Below example shows a API keys per application.
On the client side
API key & application name are send in the initial WebSocket connection, server will check the API key & app name from the lookup parsed from API_KEYS environment variable. If matches it maintains the Tunnel connection with appname as key
When external clients wants to send request to application , it can pass application name in the URL.
Example : If the tunnel server is running on endpoint https://example.com & a request for app1 & app2 looks as follows
https://example.com/app1
https://example.com/app2
Tunnel Server can extract the application name from the URL & lookup TunnelConnection map & route request to proper web socket connection.
The text was updated successfully, but these errors were encountered: