Back in the day I worked at a place that had HMAC signing on an http endpoint. 5... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		tempest_ 35 days ago \| parent \| context \| favorite \| on: Self-Signed JWTs Back in the day I worked at a place that had HMAC signing on an http endpoint. 50% of the support issues were because people could not properly sign requests and it caused me to learn how to make http in all sorts of crap to help support them.

danscan 35 days ago [–]

Easy to imagine that haha. That’s part of the reason I’d lean on a standard like JOSE and make signing happen automatically for users who prefer to use an SDK

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact