Uploaded image for project: 'Magnolia REST Framework'
  1. Magnolia REST Framework
  2. MGNLREST-261

Secure authentication needed into REST calls

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Duplicate
    • Blocker
    • None
    • None
    • None
    • None

    Description

      Hello all,

       

      it´s fundamental to have a complete secure authentication method into Magnolia REST calls, because current basic authentication method is not secure.

      Let´s see a typical scenario:
      Magnolia headless solution where an Angular (front) application needs to set some information into Magnolia (for example set a value into contacts content app with nodes endpoint).

      In this scenario, Angular needs to make a call from Javascript code, what is exposed to all across browser inspector, so anyone could catch REST calls (with credentials) an modify its to make an attack.

       

      How can we secure Magnolia REST authentication into these kind of scenarios?

       

      Thanks in advance

      Checklists

        Acceptance criteria

        Attachments

          Issue Links

            Activity

              People

                Unassigned Unassigned
                dmarquez David Caviedes Marquez
                Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  Checklists

                    Task DoD