Alexey Brambalov
12/12/2023, 11:03 AMCharith (Cerbos)
Alexey Brambalov
12/12/2023, 11:16 AMCharith (Cerbos)
Alexey Brambalov
12/12/2023, 11:19 AMCharith (Cerbos)
Alexey Brambalov
12/12/2023, 11:22 AMAlexey Brambalov
12/12/2023, 11:22 AMCharith (Cerbos)
Bradey Wood
12/12/2023, 11:33 AMBradey Wood
12/12/2023, 11:34 AMBradey Wood
12/12/2023, 11:36 AMCharith (Cerbos)
Options
https://github.com/cerbos/cerbos-sdk-javascript/blob/main/docs/http.options.md. It was added for this exact reason.Bradey Wood
12/12/2023, 11:44 AMCharith (Cerbos)
Bradey Wood
12/12/2023, 11:51 AMCharith (Cerbos)
Bradey Wood
12/12/2023, 12:15 PMCharith (Cerbos)
UNSIGNED-PAYLOAD
header.Bradey Wood
12/12/2023, 1:16 PMBradey Wood
12/12/2023, 1:21 PMCharith (Cerbos)
but this is S3 docs, not API G/W docs, but it might still work.I got there from https://docs.aws.amazon.com/IAM/latest/UserGuide/aws-signing-authentication-methods.html so I think it applies to all signed requests. I don't think it's quite straightforward to support full payload signing in the Cerbos SDK in a maintainable way because you need to be able to canonicalize the request and basically have a lot of invasive control over the request lifecycle in order to do it. So, I don't think we would be able to support that in the short term. That being said, the Cerbos API is extremely simple and you could very easily write your own client to access it. Some of our users already do that.
Bradey Wood
12/12/2023, 2:10 PM