Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Document UCAN as one of Authorization options #88

Open
lidel opened this issue Apr 4, 2022 · 0 comments
Open

Document UCAN as one of Authorization options #88

lidel opened this issue Apr 4, 2022 · 0 comments
Labels
effort/hours Estimated to take one or several hours good first issue Good issue for new contributors help wanted Seeking public contribution on this issue P1 High: Likely tackled by core team if no one steps up topic/docs Improvements or additions to documentation

Comments

@lidel
Copy link
Member

lidel commented Apr 4, 2022
edited
Loading

πŸ‘‰ This is a good first issue if someone wants to open a PR – all you need it to update docs here.

They are JSON Web Tokens JWTs containing Decentralized Identity Documents secured by public key cryptography.

In practice, [pinning service] users can create their own keypair and register the DID with the [pinning service] UCAN service to get a UCAN token. The [pinning service] user is then free to create user UCAN tokens derived from their registered UCAN.

[..] these derived tokens can be used to limit end-users to upload either any data or data with a specific CID within a scoped time period. When a token is used, [pinning service] can validate it by looking at the chain of proofs used to derive a token, checking the cryptographic identity of each signer of the token.

Use of UCAN does not require any API changes, already existing Authorization Bearer HTTP header can be used for UCAN. We should document this in Authentication section at https://ipfs.github.io/pinning-services-api-spec/#section/Authentication

Reference / prior art:
@lidel lidel added P1 High: Likely tackled by core team if no one steps up effort/hours Estimated to take one or several hours help wanted Seeking public contribution on this issue topic/docs Improvements or additions to documentation good first issue Good issue for new contributors labels Apr 4, 2022
@lidel lidel changed the title Docs: suggest UCAN as Authorization option for frontend apps Document UCAN as one of Authorization options Apr 4, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
effort/hours Estimated to take one or several hours good first issue Good issue for new contributors help wanted Seeking public contribution on this issue P1 High: Likely tackled by core team if no one steps up topic/docs Improvements or additions to documentation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@lidel