alex_dimov
11/24/2022, 4:56 PMaaronsteers
11/24/2022, 6:20 PMaaronsteers
11/24/2022, 6:21 PMSTATE
but that also could have some security concerns, since state artifacts are generally not themselves treated as secrets.aaronsteers
11/24/2022, 6:22 PMalex_dimov
11/24/2022, 6:59 PMlet the user collect it and maintain its lifecycleDo you mean that the user himself receives a token every time and give us a valid one? Another option I thought about is getting a token from our server
aaronsteers
11/28/2022, 4:41 PMDo you mean that the user himself receives a token every time and give us a valid one?
Another option I thought about is getting a token from our serverYeah - this delegates the login-and-get-token process to the "user" (aka your own servers/processes), so it won't be ideal for most folks. But then you could manage the lifecycle of that token. That said, is there a reason you don't want to let the tap just get a new token each time?
alex_dimov
11/28/2022, 4:43 PM