Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
More tweaks
Browse files Browse the repository at this point in the history
jonathan-r-thorpe committed Feb 22, 2024

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
1 parent 913c6a5 commit 9347ed0
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion Documents/Authorization.md
Original file line number Diff line number Diff line change
@@ -8,7 +8,7 @@ A client such as a Broadcast Controller provides credentials to the Authorizatio

The access token is time-limited, and must be refreshed before it expires. It is recommended to attempt to refresh the token at least 15 seconds before its expiry, or at the half-life of the access token.

To speed up the token validation process, the Node periodically fetches the Authorization Server's public keys, typically once every hour. The public keys allow the Node to perform local token validation without having to bombard the Authorization Server every time an API is accessed.
To speed up the token validation process, the Node periodically fetches the Authorization Server's public keys, typically once every hour. The public keys allow the Node to perform local token validation without having to contact the Authorization Server every time an API is accessed.

A similar idea is also applied to how Nodes perform node registration. The Registry obtains the public keys from the Authorization Server, and the Node obtains the registration access token from the Authorization Server. The Node embeds the token into the registration request for Node registration, and Registry heartbeats.

0 comments on commit 9347ed0

Please sign in to comment.