Menu
I am trying to get my head wrapped around grpc authentication. From the looks of the examples, it looks like grpc supports ssl/tls and google tokens...
I've also looked at json web tokens as a means of authentication.
I'm not sure if this is even the correct way of thinking about this, but how would I use JWT in conjunction with grpc?
Is the JWT the "token" that gets used with the oauth2 example?
Does it relate to the 'roots.pem' file that is being opened?
I feel like I know very little about authentication/tokens. I've tried searching for python examples that involve grpc and JWT, and it has been a mostly fruitless search.
Am I thinking about this the wrong way?
732
The normal JWT approach uses service account credentials which are provided by the environment in a well-known location. This is what "Google Default Credentials" are in the examples. These are by far the easiest to get working, and have the best security and performance characteristics.
OAuth2 is also supported, by using a OAuth token. This is useful for things like 3-legged OAuth or integrating into a pre-existing application that is using tokens directly.
roots.pem is something different. That's for TLS-based authentication with custom Certificate Authorities.
That said, there is currently no JWT example in Python. Please follow the open issue. The example today uses service account credentials, but then converts it to a normal OAuth token.
112
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
