Bug #3037

[API] websocket clients should not put API tokens in path or query string

Added by Tom Clegg almost 6 years ago. Updated over 5 years ago.

Status:
New
Priority:
Normal
Assigned To:
-
Category:
API
Target version:
Arvados Future Sprints
Start date:
Due date:
% Done:

0%

Estimated time:
Story points:
1.0

Description

Passing the token in an Authorization header (like the http interface) would be ideal. Passing it in a POST parameter would be acceptable.

History

#1 Updated by Tom Clegg almost 6 years ago

  • Target version set to Arvados Future Sprints

#2 Updated by Tom Clegg over 5 years ago

  • Subject changed from websocket clients should not put API tokens in path or query string to [API] websocket clients should not put API tokens in path or query string
  • Description updated (diff)
  • Category set to API
  • Story points changed from 2.0 to 1.0

Also available in: Atom PDF