Service Auth in Worker with Service Token
Hi, I'm implementing a private API using Workers and want to secure access to it using Service Tokens. I've got a Worker set up and working in Access but wondering what the typical usage is supposed to be from the perspective of the client/caller.
Is the caller supposed to:
1) pass in the
2) Obtain the JWT from
Thanks for any insights on best practices
Is the caller supposed to:
1) pass in the
CF-Access-Client-Id and CF-Access-Client-Secret headers on every API call; - OR -2) Obtain the JWT from
CF_Authorization and pass that on subsequent API requests until the JWT times out at which point it will have to supply CF-Access-Client-Id and CF-Access-Client-Secret again to get a new JWTThanks for any insights on best practices
