Skip to content
This repository has been archived by the owner on Sep 19, 2024. It is now read-only.

Commit

Permalink
pr remarks 2
Browse files Browse the repository at this point in the history
  • Loading branch information
@paullatzelsperger
paullatzelsperger committed Apr 2, 2024
1 parent 2312180 commit 80454f4
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions developer/best_practices.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,11 +45,11 @@ There is a plethora of ready-made components available, both commercial and open
not provide that functionality._ Requests and issues to that effect will be ignored.

In the particular case of the DSP API, the same principle holds, although with the exception of authentication and
authorization. That is handled by the [DSP protocol itself]().
authorization. That is handled by the [DSP protocol itself](https://docs.internationaldataspaces.org/ids-knowledgebase/v/dataspace-protocol).

We have a rudimentary token-based API security module available, which can be used to secure the connection API
gateway <-> connector if so desired.
It should be noted that it is _not designed to act as a port-of-entry!_
It should be noted that it is _not designed to act as a ingress point!_

> TL;DR: don't expose any APIs if you can help it, but if you must, use available tools to harden the ingress
Expand Down

0 comments on commit 80454f4

Please sign in to comment.