centersl/gitea-docs
1
0
Fork 0
mirror of https://gitea.com/gitea/docs.git synced 2026-03-27 14:11:03 +07:00
Code Issues Packages Projects Releases Wiki Activity

update ssh signing docs to reference draft RFC

Browse Source
This commit is contained in:
techknowlogick
2026-02-10 17:31:10 +00:00
parent 672ae2ae2f
commit 1d21543b66
1 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
docs/development/api-usage.md
View File

@@ -30,10 +30,12 @@ Gitea parses queries and headers to find the token in
Gitea can also authenticate API requests using an SSH key or SSH certificate via
HTTP signatures. The SSH public key (or certificate) must be registered to the
user account in Gitea, and the client signs requests with the corresponding
private key. The signature is sent in the standard `Signature` header, and SSH
certificates additionally include an `X-SSH-Certificate` header. The official
[go-sdk](https://gitea.com/gitea/go-sdk) implements this flow if you need a
reference implementation.
private key. The client signs requests using the SSH private key following the
[draft-cavage-http-signatures](https://datatracker.ietf.org/doc/html/draft-cavage-http-signatures)
specification (not RFC 9421). The signature is sent in the `Signature` header,
and SSH certificates additionally include an `x-ssh-certificate` header. The
official [go-sdk](https://gitea.com/gitea/go-sdk) implements this flow if you
need a reference implementation.
## Generating and listing API tokens