This commit is contained in:
@@ -6,9 +6,9 @@
|
||||
|
||||
<h2>Overview</h2>
|
||||
|
||||
<p>Provide REST API for CRUD to store and retrieve secrets. Only password is encrypted, via AES256 GCM. Values stored encrypted within a sqlite database.</p>
|
||||
<p>Provide REST API for CRUD to store and retrieve secrets with associated username, device name and optionally device class. Secret is stored in sqlite database once encrypted using an AES256 block cipher wrapped in Galois Counter Mode with the standard nonce length.</p>
|
||||
|
||||
<p>A successful authentication returns a JWT token which must be provided for all other operations.</p>
|
||||
<p>All secret operations (Create, Read, Update or Delete) require successful authentication. A JWT token is returned upon login, which must be provided for all other operations.</p>
|
||||
|
||||
<p>Multiple user roles are supported, with each user only able to access secrets matching their user role. One exception is the built in administrator role that is able to access all secrets.</p>
|
||||
|
||||
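Review bot: The rewritten Overview paragraph drops the earlier statement "Only password is encrypted", so the text no longer says whether the username, device name and device class it now lists are stored in plaintext. Please state explicitly which fields are encrypted and which are not. "The standard nonce length" is also too vague for someone auditing the storage format: give the actual size (96 bits is the usual GCM nonce length) and say how the nonce is generated, since GCM requires it to be unique for every encryption under a given key.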
@@ -168,7 +168,7 @@ WantedBy=multi-user.target
|
||||
}
|
||||
</code></pre>
|
||||
|
||||
<p>This API call will return a JWT token that must be present for any other API calls to succeed. The validity duration of this token is based on the configured TOKEN_HOUR_LIFESPAN value. JWT token is returned as value of <code>access_token</code>.</p>
|
||||
<p>This API call will return a JWT token that must be present for any other API calls to succeed. The validity duration of this token is based on the configured TOKEN_HOUR_LIFESPAN value. JWT token is returned as value of <code>access_token</code>, and must be supplied via a HTTP header in the form <code>"Authorization: Bearer <JWT_TOKEN>"</code> for all subsequent API calls.</p>
|
||||
|
||||
<h4>List Roles</h4>
|
||||
|
||||
|
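Review bot: In the changed access_token paragraph, the placeholder in "Authorization: Bearer <JWT_TOKEN>" is written with raw angle brackets inside the code element; if the file contains them literally, a browser will parse <JWT_TOKEN> as an unknown tag and the placeholder will not be displayed. Escape it as &lt;JWT_TOKEN&gt;. As a style point in the same sentence, "a HTTP header" should read "an HTTP header".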