Web Development

0 readers

1 users here now

Icon base by Delapouite under CC BY 3.0 with modifications to add a gradient

founded 2 years ago

MODERATORS

snowe@programming.dev

Ategon@programming.dev

Can RSA be used for web API authentication? (lemy.lol)

submitted 2 years ago* (last edited 2 years ago) by iso@lemy.lol to c/webdev@programming.dev

5 comments fedilink hide all child comments

cross-posted from: https://lemy.lol/post/4569543

I need to

encrypt JSON payload (not just sign)

not share private key

verify the payload is generated with the shared public key and RSA fitting all of these.

As I've only made auth with JWT so far, I'm not sure. If I use RSA, I guess I have to put the encrypted text in the body.

Do you think it can be used? Any other suggestions?

you are viewing a single comment's thread
view the rest of the comments

[–] iso@lemy.lol 1 points 2 years ago

The client wants to encrypt the payload while sending to us. I hope they know why they want this :)