Note: You are viewing an old version of this page. View the current version.

HMAC Authentication

HMAC Authorization

  • ACL-type
  • Groupings possible (which inherit groups of ACLs)

  • Permissions based

    • Expensive permissions checks are done once, when asking for permission

    • Permissions only requested when needed for the session

      • Saves processing time for simple one-time actions
    • Once permission is granted, token is 'upgraded' to include the requested permission
    • Frequent permissions checks check only the token, not the ACL table.