[Koha-bugs] [Bug 25794] New: Add PKI/x509/client SSL authentication to REST API
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Thu Jun 18 05:10:49 CEST 2020
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25794
Bug ID: 25794
Summary: Add PKI/x509/client SSL authentication to REST API
Change sponsored?: ---
Product: Koha
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5 - low
Component: REST API
Assignee: koha-bugs at lists.koha-community.org
Reporter: dcook at prosentient.com.au
It could be useful to add PKI/x509/client SSL authentication to the REST API to
ease machine-to-machine interactions.
A vendor could set up all their Koha instances to trust certificates signed by
the a vendor's certificate authority public key. Then all new API consumers
could just get certificates issued by the vendor's CA.
That said, I suppose authorization would still be a problem. With Bug 6296,
they were still mapping the certificate to a Koha user.
And then there's the issue of how to handle revoked certificates.
Maybe it is best just to rely on OAuth2 and Basic Auth.
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
More information about the Koha-bugs
mailing list