+1. I think one should be able to get a JWT with a JWT. This user experience:
> I can authenticate any API call with a JWT token. ...is nicer than this user experience: > I can authenticate any API call with a JWT token. Oh, wait, exept getting a new JWT token. I wonder why? Is there some security risk here? I wonder if there's other API calls that also don't let me use JWT tokens? Perhaps I should use basic auth for all authentication?
_______________________________________________ Pulp-dev mailing list [email protected] https://www.redhat.com/mailman/listinfo/pulp-dev
