AWS quicksuite high security documentation change
Summary
Replaced API Key authentication documentation with OAuth 2.0 client credentials grant flow, adding Client ID, Client Secret, and Token URL requirements.
Security assessment
Security improvement: Migrating from API keys (static credentials) to OAuth 2.0 client credentials grant flow (temporary tokens) reduces credential exposure risks. This directly addresses authentication security weaknesses by implementing a more secure standard.
Diff
diff --git a/quicksuite/latest/userguide/rest-api-integration.md b/quicksuite/latest/userguide/rest-api-integration.md index e0fbdbedf..44f1ba545 100644 --- a//quicksuite/latest/userguide/rest-api-integration.md +++ b//quicksuite/latest/userguide/rest-api-integration.md @@ -61 +61 @@ Gather the following information from your API provider: -**Service authentication (API Key)** +**Service authentication (Service-to-service OAuth)** @@ -66 +66 @@ Gather the following information from your API provider: - * **API Key** \- REST API access key or token. + * **Authentication type** \- OAuth 2.0 client credentials grant flow for service-to-service authentication. @@ -70 +70,5 @@ Gather the following information from your API provider: - * **Email** \- Associated user account email (if required). + * **Client ID** \- OAuth application client identifier for service authentication. + + * **Client secret** \- OAuth application client secret for service authentication. + + * **Token URL** \- OAuth token endpoint for obtaining access tokens.