Uploaded image for project: 'Red Hat 3scale API Management'
  1. Red Hat 3scale API Management
  2. THREESCALE-8482

WebSockets Policy should list user_key or app_id/app_key in query params as requirement

    XMLWordPrintable

Details

    • API CCS Sprint 44 (3Scale) 2

    Description

      The documentation for the Websockets Policy states the following:

       

      The Websocket policy enables WebSocket protocol connections to upstream APIs. If you plan to enable the WebSocket protocol, consider the following:

      • The WebSocket protocol does not support JSON Web Tokens.
      • The WebSocket protocol does not allow additional headers.
      • The WebSocket protocol is not part of the HTTP/2 standard.

      What this ultimately means is that OIDC is not supported, and you must use query params as the credential location. This should be called out explicitly.

      Perhaps it should be changed to something like the following:

       

      The Websocket policy enables WebSocket protocol connections to upstream APIs. If you plan to enable the WebSocket protocol, consider the following:

      • The WebSocket protocol does not allow additional headers.
        • Therefore the WebSocket Policy requires that the service be configured with Query Parameters for credential location.
        • Therefore the WebSocket policy does not support OIDC authentication method.
      • The WebSocket protocol is not part of the HTTP/2 standard.

       

       

      Attachments

        Activity

          People

            Unassigned Unassigned
            rhn-support-spoole Shannon Poole
            Darren Fennessy Darren Fennessy
            Jakub Urban Jakub Urban
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated: