https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25794 Bug ID: 25794 Summary: Add PKI/x509/client SSL authentication to REST API Change sponsored?: --- Product: Koha Version: unspecified Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 - low Component: REST API Assignee: koha-bugs@lists.koha-community.org Reporter: dcook@prosentient.com.au It could be useful to add PKI/x509/client SSL authentication to the REST API to ease machine-to-machine interactions. A vendor could set up all their Koha instances to trust certificates signed by the a vendor's certificate authority public key. Then all new API consumers could just get certificates issued by the vendor's CA. That said, I suppose authorization would still be a problem. With Bug 6296, they were still mapping the certificate to a Koha user. And then there's the issue of how to handle revoked certificates. Maybe it is best just to rely on OAuth2 and Basic Auth. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.