Commit

Include suggestions of #74
sverhoeven committed May 21, 2024
1 parent d9b2d16 commit 7ab022d
Showing 1 changed file with 10 additions and 7 deletions.
17 changes: 10 additions & 7 deletions docs/configuration.md
Expand Up @@ -33,7 +33,7 @@ You can read more about BaseSettings class here:

The bartender web service uses [JWT tokens](https://jwt.io/) for authentication.

The tokens should use the RS256 algorithm,
The tokens use the RS256 algorithm for signing and validating,
which requires a public and private RSA key pair.
A key pair can be generated with

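Review bot: The reworded sentence "The tokens use the RS256 algorithm for signing and validating" drops the normative "should" but still does not say what happens to a token signed with a different algorithm. As this is the configuration reference, consider stating the requirement outright, for example that tokens must be signed with RS256 and anything else is rejected, if that is how the service behaves.
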
Expand All @@ -42,13 +42,13 @@ openssl genpkey -algorithm RSA -out private_key.pem -pkeyopt rsa_keygen_bits:204
openssl rsa -pubout -in private_key.pem -out public_key.pem
```

The private key of the RSA key pair is used to sign a token in
an another web application or with the `bartender generate-token` command.
The consumer (usually another web application) uses the private key to
generate a token. Bartender then uses the corresponding public key to
verify that the token comes from the trusted source.

The public key of the RSA key pair is used to verify that the token comes
from a trusted source.
The public key file location is `public_key.pem`
or value of `BARTENDER_PUBLIC_KEY` environment variable.
The public key file is located by the value
of `BARTENDER_PUBLIC_KEY` environment variable or
falls back to 'public_key.pem` file name.

The token payload should contain the following claims:

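Review bot: In the new fallback sentence the file name is written as 'public_key.pem` with an apostrophe on the left and a backtick on the right, so it will not render as inline code; use backticks on both sides. In the same sentence "of `BARTENDER_PUBLIC_KEY` environment variable" is missing "the". The paragraph above it also calls the party that signs the token "the consumer"; naming it the issuing application, and saying that Bartender itself only needs the public key, would make the trust direction clearer.
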
Expand All @@ -58,6 +58,9 @@ The token payload should contain the following claims:
* `roles`: Optionally. The roles of the user.
See [Applications](#applications) how roles are used.

Bartender can also generate its own tokens using the
`bartender generate-token --private-key private_key.pem` command.

## Configuration file

Bartender uses a configuration file for setting up applications and destinations.
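
Review bot: The added paragraph on `bartender generate-token --private-key private_key.pem` does not say that the key passed must be the private half of the pair whose public key Bartender verifies with, nor which of the claims listed just above (such as `roles`) the generated token carries. One sentence covering both would keep a reader from generating a token the service then refuses.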