Menu
I am curious how auth would work for Push mechanism. It requires an endpoint on the subscriber which has to be accessible over internet so is pubsub client going to validate that message pushed is indeed coming from google? or is that left upto subscribers to implement?
If it is left up-to subscribers what are suggested way to achieve it?
679
The team is aware that this is not an ideal solution, but for now, the only option is to add a secret token in the push endpoint URL as described at:
https://cloud.google.com/pubsub/faq#security
You can also periodically rotate the secret token for better security. Of course you need to keep the secret token securely.
145
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
