It uses application.authenticationApiRequest of Stormpath API. We can load the key from path or define it as an object. We can also take advantage the group names as scope in a route config's auth.scope.
Load the key from a predefined path (the apiKeyPath)
server.register({
register: require('../'),
options: {
apiKeyPath: __dirname + '/data/key',
appHref: 'https://your/stormpath/app/url'
}
}, function(err) {}Or using the API key object (the apiKey),
server.register({
register: require('../'),
options: {
apiKey: {
id: process.env['STORMPATH_APIKEY_ID'],
secret: process.env['STORMPATH_APIKEY_SECRET']
},
appHref: 'https://your/stormpath/app/url'
}
}, function(err) {}MIT