What's the plan on endpoint security/auth?
moookino opened this issue · 1 comments
moookino commented
What's the plan on endpoint security/auth?
I saw project with OIDC support or should we just use middleware to secure endpoint?
GoodiesHQ commented
I assume you found your answer which is that this endpoint does not ultimately need any security. It is just a static HTML scaffold application with all sensitive information being stored client-side and does not perform any operations server-side. I wouldn't deploy anything without SSL , but at the end of the day, securing access to this endpoint could not prevent a compromised key from being used.