Hi, Alexandr. Thanks for your feedback. I have fixed your comments ср, 31 мая 2023 г. в 13:18, Aleksandr Pakhomov <apk...@gmail.com>:
> Hi, Mikhail > > > Then the REST client’s exchange with the node will follow the flow: > > Client posts the client-id and client-secret to the token endpoint URL > using specified authentication type and receives an access token or error > message. At this point implementation should cache the token. > > Client sends the access token to the REST API endpoint using the > client_secret_basic authentication type. > > REST API implementation validates the token using the JWKS URL. > > > > ^^ does not sound like a Basic Authentication that is used to be just a > base64 encoded username-password pair. Shall we rename the proposal to > "Authentication in Apache Ignite 3"? > > One more question, could you please describe the security-related about > how should we store the password on the server? > > -- > Best regards, > Aleksandr > > > > On 31 May 2023, at 09:34, Mikhail Pochatkin <m.a.pochat...@gmail.com> > wrote: > > > > Hi, Igniters! > > > > Please take a look at the proposal for Basic Authentication in Apache > > Ignite 3 [1]. > > > > Thanks for any feedback! > > > > 1. IEP-106: Basic Authentication - Apache Ignite - Apache Software > > Foundation > > < > https://cwiki.apache.org/confluence/display/IGNITE/IEP-106%3A+Basic+Authentication > > > > -- best regards, Pochatkin Mikhail.
