Service Auth in Worker with Service Token

Hi, I'm implementing a private API using Workers and want to secure access to it using Service Tokens. I've got a Worker set up and working in Access but wondering what the typical usage is supposed to be from the perspective of the client/caller.

Is the caller supposed to:

1) pass in the

CF-Access-Client-Id

CF-Access-Client-Id

and

CF-Access-Client-Secret

CF-Access-Client-Secret

headers on every API call; - OR -

2) Obtain the JWT from

CF_Authorization

CF_Authorization

and pass that on subsequent API requests until the JWT times out at which point it will have to supply

CF-Access-Client-Id

CF-Access-Client-Id

and

CF-Access-Client-Secret

CF-Access-Client-Secret

again to get a new JWT

Thanks for any insights on best practices

Cloudflare Developers•3y ago

Marcin

Service Auth in Worker with Service Token

CF-Access-Client-Id

CF-Access-Client-Id

and

CF-Access-Client-Secret

CF-Access-Client-Secret

headers on every API call; - OR -

2) Obtain the JWT from

CF_Authorization

CF_Authorization

and pass that on subsequent API requests until the JWT times out at which point it will have to supply

CF-Access-Client-Id

CF-Access-Client-Id

and

CF-Access-Client-Secret

CF-Access-Client-Secret

again to get a new JWT

Thanks for any insights on best practices

Service Auth in Worker with Service Token

Similar Threads

Service Auth in Worker with Service Token

Similar Threads

Similar Threads

Similar Threads