1
0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2024-12-02 09:21:48 +02:00
oauth2-proxy/docs/6_request_signatures.md
2019-05-09 11:06:32 +01:00

922 B

layout title permalink nav_order
default Request Signatures /request-signatures 6

Request signatures

If signature_key is defined, proxied requests will be signed with the GAP-Signature header, which is a Hash-based Message Authentication Code (HMAC) of selected request information and the request body see SIGNATURE_HEADERS in oauthproxy.go.

signature_key must be of the form algorithm:secretkey, (ie: signature_key = "sha1:secret0")

For more information about HMAC request signature validation, read the following: