Skip to content

Dynamic master key and maintenance key #9052

New issue
New issue
Closed
#9582
Closed
Dynamic master key and maintenance key#9052
#9582
Labels
bounty:$50Bounty applies for fixing this issue (Parse Bounty Program)state:released-alphaReleased as alpha versiontype:featureNew feature or improvement of existing feature
@mtrezza

Description

@mtrezza
mtrezza
opened on Mar 25, 2024

New Feature / Enhancement Checklist

Current Limitation

The master key and maintenance key are both set on server start and cannot be changed without a server restart. This is disadvantageous when periodically rotating the keys because a key rotation also requires a server restart. This is particular problematic for a cluster of servers in which updating the keys across a large fleet can take a long time.

Feature / Enhancement Description

  • Allow to set an async function for the master key instead of a string.
  • Add the master key to the internal cache with a TTL, so that the function is not called every time the master key is validated

Example Use Case

New Parse Server options:

{
  masterKey: async () => await getKey(),
  masterKeyTtl: 3600,
}

Alternatives / Workarounds

Server restart.

Metadata

Metadata

Assignees

No one assigned

    Labels

    bounty:$50Bounty applies for fixing this issue (Parse Bounty Program)state:released-alphaReleased as alpha versiontype:featureNew feature or improvement of existing feature

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions