Skip to content

Keyed-Hash Message Authentication Code for APIs #266

New issue
New issue
Open
Feature
Open
Keyed-Hash Message Authentication Code for APIs#266
Feature
Labels
Area-APIThis issue is related to APIs.Area-AdminConsoleThis issue is related to the admin console.Area-SecurityThis issue is related to security features.Area-SettingsThis issue is related to settings or the configuration system.Size - LThis issue is a large amount of work.v5Version 5 issue.
@McWengert

Description

@McWengert
McWengert
opened on Jun 26, 2021

It would be nice to have a built-in way to authenticate an API endpoint via HMAC.

I think this should not be very complex in the backend to implement but very useful.
I use System.Security.Cryptography for this.

$hmacsha = New-Object System.Security.Cryptography.HMACSHA256
$hmacsha.key = [Text.Encoding]::ASCII.GetBytes($secret)
$signature = $hmacsha.ComputeHash([Text.Encoding]::ASCII.GetBytes($Body))
$signature = [Convert]::ToBase64String($signature)

I think about something like:

New-PSUEndPoint -Authentication HMAC -Algotithm (SHA256,SHA512,...) -Secret "ClientSecret" -Endpoint ....

Would be great if that could be implemented at some point!

Have a great weekend and thanks for the great work!

regards

Metadata

Metadata

Assignees

No one assigned

    Labels

    Area-APIThis issue is related to APIs.Area-AdminConsoleThis issue is related to the admin console.Area-SecurityThis issue is related to security features.Area-SettingsThis issue is related to settings or the configuration system.Size - LThis issue is a large amount of work.v5Version 5 issue.

    Type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions