public_git
/
oauth2-proxy
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
oauth2-proxy/docs/6_request_signatures.md

938 B
Raw Blame History

layout title permalink nav_order
default Request Signatures /request-signatures 6

Request signatures

If signature_key is defined, proxied requests will be signed with the GAP-Signature header, which is a Hash-based Message Authentication Code (HMAC) of selected request information and the request body [see SIGNATURE_HEADERS in oauthproxy.go]({{ site.gitweb }}/oauthproxy.go).

signature_key must be of the form algorithm:secretkey, (ie: signature_key = "sha1:secret0")

For more information about HMAC request signature validation, read the following: