In our ongoing effort to align with best practices and improve our service offerings, we are updating the header names used for authentication tokens. We are transitioning from X-Auth-Token to Shift-Auth-Token. This update is pivotal for aligning with modern internet standards and ensuring our services remain robust and user-friendly.
Why Change the Header Name?
The decision to move away from the X-Auth-Token follows guidelines from RFC-6648, which advises against using the X- prefix for application-specific headers. This change is purely nominal and does not affect the underlying security or structure of the tokens themselves. Rather, it's about adopting a cleaner, standardized approach that reduces the risk of conflicts and enhances compatibility with future technological developments.
Key Changes and Dates
- New Header Name: Starting now, we encourage all users to adopt
Shift-Auth-Tokenin their API requests. - Deprecation Schedule: The
X-Auth-Tokenwill continue to function until the end of July 2024. After this period, onlyShift-Auth-Tokenwill be accepted. - No Change in Token Mechanics: It's important to note that this change is in name only. The security, generation, and handling of the tokens remain the same.
What This Means for You
For users, the transition will require minimal adjustments. The key change involves updating API calls to use the new Shift-Auth-Token header instead of X-Auth-Token. We recommend making this update at your earliest convenience to avoid any disruptions when the old header is fully retired.
Ensuring a Smooth Transition
We are committed to making this transition as seamless as possible:
- Updated Documentation: Our documentation has been revised to guide you through using the new
Shift-Auth-Token. - Technical Support: Should you have any questions or require assistance, our support teams are on standby at service.desk@shift.online.
- Reminder Communications: We will send reminders as the cutoff date approaches, ensuring you have ample time to make the necessary changes.
Conclusion
This update is part of our commitment to maintaining a secure and efficient service environment. By moving to Shift-Auth-Token, we align with current standards and prepare for future advancements without impacting the robust security of our systems.
We appreciate your cooperation as we make this necessary update, ensuring our technology continues to meet the highest standards of reliability and performance.