dapr
/
docs
mirror of https://github.com/dapr/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1028 from mukundansundar/add-api-token-annotation 

Add api-token-secret annotation for k8s
This commit is contained in:
Aaron Crawfis 2020-12-17 11:21:46 -08:00 committed by GitHub
parent 391a1dd822 0b77c43c4f
commit 4671e66736
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
daprdocs/content/en/operations/hosting/kubernetes/kubernetes-annotations.md
View File

@ -17,6 +17,7 @@ The following table shows all the supported pod Spec annotations supported by Da
| `dapr.io/config` | Tells Dapr which Configuration CRD to use
| `dapr.io/log-as-json` | Setting this parameter to `true` outputs logs in JSON format. Default is `false`
| `dapr.io/enable-profiling` | Setting this paramater to `true` starts the Dapr profiling server on port `7777`. Default is `false`
| `dapr.io/api-token-secret` | Tells Dapr which Kubernetes secret to use for token based API authentication. By default this is not set.
| `dapr.io/app-protocol` | Tells Dapr which protocol your application is using. Valid options are `http` and `grpc`. Default is `http`
| `dapr.io/app-max-concurrency` | Limit the concurrency of your application. A valid value is any number larger than `0`
| `dapr.io/app-ssl` | Tells Dapr to invoke the app over an insecure SSL connection. Applies to both HTTP and gRPC. Default is `false`.

4
daprdocs/content/en/operations/security/api-token.md
View File

@ -1,6 +1,6 @@
---
type: docs
title: "Enable API token based authentication"
title: "Enable token based API authentication"
linkTitle: "API token auth"
weight: 3000
description: "Require every incoming API request to include an authentication token before allowing that request to pass through"
@ -14,7 +14,7 @@ Dapr uses [JWT](https://jwt.io/) tokens for API authentication.
> Note, while Dapr itself is actually not the JWT token issuer in this implementation, being explicit about the use of JWT standard enables federated implementations in the future (e.g. OAuth2).
To configure APIs authentication, start by generating your token using any JWT token compatible tool (e.g. https://jwt.io/) and your secret.
To configure API authentication, start by generating your token using any JWT token compatible tool (e.g. https://jwt.io/) and your secret.
> Note, that secret is only necessary to generate the token, and Dapr doesn't need to know about or store it