sample_config claims that `macaroon_secret_key` is used to sign access tokens #12050

richvdh · 2022-02-21T18:00:00Z

... which has not really been true since #5588

richvdh · 2022-02-21T18:01:16Z

It is still used for (I think):

Short-term login tokens. These are used as part of the single-sign-on (OIDC or SAML2) flow.
Access tokens for guest users (read-only accounts).
Email unsubscribe links. These use special access tokens that only let you unsubscribe from email notifications.

erikjohnston added A-Docs things relating to the documentation T-Task Refactoring, removal, replacement, enabling or disabling functionality, other engineering tasks. Z-Help-Wanted We know exactly how to fix this issue, and would be grateful for any contribution labels Feb 23, 2022

dklimpel mentioned this issue Aug 3, 2022

Update doc for setting macaroon_secret_key #13443

Merged

4 tasks

reivilibre closed this as completed in #13443 Aug 3, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

sample_config claims that `macaroon_secret_key` is used to sign access tokens #12050

sample_config claims that `macaroon_secret_key` is used to sign access tokens #12050

richvdh commented Feb 21, 2022 •

edited

Loading

richvdh commented Feb 21, 2022 •

edited

Loading

sample_config claims that macaroon_secret_key is used to sign access tokens #12050

sample_config claims that macaroon_secret_key is used to sign access tokens #12050

Comments

richvdh commented Feb 21, 2022 • edited Loading

richvdh commented Feb 21, 2022 • edited Loading

sample_config claims that `macaroon_secret_key` is used to sign access tokens #12050

sample_config claims that `macaroon_secret_key` is used to sign access tokens #12050

richvdh commented Feb 21, 2022 •

edited

Loading

richvdh commented Feb 21, 2022 •

edited

Loading