Integration hub authentication
All calls between the hub and other MS must be done via HTTPS.
Any requests made by Toqio's Integration Hub will contain a bearer token as an Authorization header. This JWT token will be signed with a Private Key and has the following parameters:
- issuer: Toqio
- subject: Toqio-integration-hub Authorization
- payload:
- customerID: {customerID}
In order to decode this token Toqio will provide the public key to the new integrators.
In addition to this, we will allow the customer to add extra optional configuration, that will allow us to add as many additional parameters on the payload as requested by the integrators (for example an apiKey).
Updated about 1 year ago