III. Sensitive config
Don’t share it with everyone
Modern applications are built on the basis of small (distinct) components (microservices) interconnected with each other either at Networking (REST, RPC) level or Code Dependency (Nuget, npm) level. Often these dependencies
will require some sort of authentication (who you are) as well as authorisation (what can you do) performed in order to consume these.
Programmatically, this is achieved by identifying yourself as a
Client
, sometimes this information is also associated withKey
and in some cases also aSecret
.
These pieces of information are normally stored in configuration files where JSON format being predominant choice in most cases, as per examples below.
{
"azure": {
"kv_client": "123456",
"kv_key": "abcdef",
"kv_secret": "009988"
}
}
Read more on dirtydozen
Browse to https://qbituniverse.github.io/dirtydozen/sensitive-config/ to carry on reading about Sensitive config
…