Why are JWT tokens are passed in the request body? #744
Answered
by
jimmarino
MikhailGordienk
asked this question in
Q&A
-
|
Why JWT tokens are passed in the request body and not in the header as regular bearer tokens? |
Beta Was this translation helpful? Give feedback.
Answered by
jimmarino
Sep 14, 2021
Replies: 1 comment
-
|
This is part of the current IDS specification. There is a new IDS REST API where (I believe) tokens will be passed as headers. It may make more sense to pass them as part of a defined envelope header due to the practical size restrictions on HTTP headers. Support for the IDS REST API is currently in progress. Alternatively, someone could create their own REST API for the connector. |
Beta Was this translation helpful? Give feedback.
0 replies
Answer selected by
juliapampus
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This is part of the current IDS specification. There is a new IDS REST API where (I believe) tokens will be passed as headers. It may make more sense to pass them as part of a defined envelope header due to the practical size restrictions on HTTP headers.
Support for the IDS REST API is currently in progress.
Alternatively, someone could create their own REST API for the connector.