hasura/graphql-engine
1
0
Fork 0
mirror of https://github.com/hasura/graphql-engine.git synced 2024-09-11 10:46:25 +03:00
Code Issues Projects Releases Wiki Activity

update jwt docs (#742)

Browse Source
This commit is contained in:
dharmendra-lingaiah 2018-10-15 10:33:47 +05:30 committed by Shahidh K Muhammed
parent e2817b1b1b
commit 17bfc36f86
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/graphql/manual/auth/jwt.rst
View File

@ -151,7 +151,7 @@ encoded public key) as string as well - under the ``key`` field.
**Rotating JWKs**:
Some provider rotates their JWKs (like Firebase). If the provider sends an
Some providers rotate their JWKs (E.g - Firebase). If the provider sends an
``Expires`` header with the response of JWK, then graphql-engine will refresh
the JWKs automatically. If the provider does not send ``Expires`` header, the
JWKs are not refreshed.
@ -176,7 +176,7 @@ Examples
HMAC-SHA based
+++++++++++++++
Your auth server is using HMAC-SHA algorithms to sign JWTs, and is using a
256-bit key. Then the JWT config will look like:
256-bit key. In this case, the JWT config will look like:
.. code-block:: json
@ -185,11 +185,11 @@ Your auth server is using HMAC-SHA algorithms to sign JWTs, and is using a
"key": "3EK6FD+o0+c7tzBNVfjpMkNDi2yARAAKzQlk8O2IKoxQu4nF7EdAh8s3TwpHwrdWT6R"
}
The ``key`` is the actual shared secret. Which is used by your auth server as well.
The ``key`` is the actual shared secret, which is used by your auth server as well.
RSA based
+++++++++
If your auth server is using RSA to sign JWTs, and is using a 512-bit key. Then,
If your auth server is using RSA to sign JWTs, and is using a 512-bit key. In this case,
the JWT config needs to have the only the public key.
**Example 1**: public key in PEM format (not OpenSSH format):