Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement Lightweight API Key by Removing Unnecessary Claims from the Existing API Key #3097

Closed
dakshina99 opened this issue Sep 4, 2024 · 0 comments · Fixed by wso2/carbon-apimgt#12540
Closed

Implement Lightweight API Key by Removing Unnecessary Claims from the Existing API Key #3097

dakshina99 opened this issue Sep 4, 2024 · 0 comments · Fixed by wso2/carbon-apimgt#12540
Assignees
@dakshina99
Labels
4.4.0 Component/APIM Type/Improvement
Milestone
APIM 4.4.0 Alpha

Comments

@dakshina99
Copy link

Problem

The current API Key implementation in the API Manager includes several claims that are not essential for the API Key itself but are required during the API Key authentication process. These claims can be removed from the API Key payload to reduce its size and complexity.

Solution

  1. Identify Unnecessary Claims
    • List the claims currently included in the API Key that are not required for the key to function effectively.
  2. Modify API Key Structure
    • Remove the identified unnecessary claims from the API Key payload.
    • Ensure that the remaining claims still allow for the secure and efficient validation of the API Key.
  3. Enhance Authentication Process
    • Adjust the API Key authentication mechanism to retrieve the necessary information from the data store when validating the API Key.
    • Ensure that the changes do not introduce performance bottlenecks or security vulnerabilities.
  4. Backward Compatibility
    • Consider providing an option to support the old API Key format for a transition period.
    • Include a migration guide for users who need to switch to the new lightweight API Key format.

Affected Component

APIM

Version

No response

Implementation

No response

Related Issues

No response

Suggested Labels

No response
@dakshina99 dakshina99 self-assigned this Sep 4, 2024
@RakhithaRR RakhithaRR added this to the APIM 4.4.0 milestone Sep 6, 2024
@dakshina99 dakshina99 mentioned this issue Sep 6, 2024
Merged
@github-staff github-staff deleted a comment from GenaroSalomone Oct 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dakshina99 dakshina99

Labels
4.4.0 Component/APIM Type/Improvement
Projects
None yet
Milestone
APIM 4.4.0 Alpha
Development

Successfully merging a pull request may close this issue.

[Improvement] Lightweight apikey dakshina99/carbon-apimgt
2 participants
@RakhithaRR @dakshina99