From 1f5510d206c8c6d8e0fc77f26769cc7c650e984a Mon Sep 17 00:00:00 2001 From: Jean-Paul Calderone <exarkun@twistedmatrix.com> Date: Wed, 2 Sep 2020 15:13:21 -0400 Subject: [PATCH] Authorization docs --- docs/source/interface.rst | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/docs/source/interface.rst b/docs/source/interface.rst index 678d5c4..5231e72 100644 --- a/docs/source/interface.rst +++ b/docs/source/interface.rst @@ -7,6 +7,18 @@ Client When enabled in a Tahoe-LAFS client node, ZKAPAuthorizer publishes an HTTP-based interface inside the main Tahoe-LAFS web interface. +All endpoints in the interface require an authorization token. +Without the token, +requests will receive an HTTP UNAUTHORIZED (401) response. + +To be authorized to access the resources at the endpoints, +requests must include the correct secret token in the value for **Authorization** in the request header. +For example, if the secret token is ``ABCDEF``:: + + Authorization: tahoe-lafs ABCDEF + +The correct value for the token can be read from the Tahoe-LAFS node's ``private/api_auth_token`` file. + ``GET /storage-plugins/privatestorageio-zkapauthz-v1/version`` ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -- GitLab