[Koha-bugs] [Bug 25794] New: Add PKI/x509/client SSL authentication to REST API

[bugzilla-daemon at bugs.koha-community.org]

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25794

            Bug ID: 25794
           Summary: Add PKI/x509/client SSL authentication to REST API
 Change sponsored?: ---
           Product: Koha
           Version: unspecified
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5 - low
         Component: REST API
          Assignee: koha-bugs at lists.koha-community.org
          Reporter: dcook at prosentient.com.au

It could be useful to add PKI/x509/client SSL authentication to the REST API to
ease machine-to-machine interactions.

A vendor could set up all their Koha instances to trust certificates signed by
the a vendor's certificate authority public key. Then all new API consumers
could just get certificates issued by the vendor's CA.

That said, I suppose authorization would still be a problem. With Bug 6296,
they were still mapping the certificate to a Koha user.

And then there's the issue of how to handle revoked certificates. 

Maybe it is best just to rely on OAuth2 and Basic Auth.

-- 
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.