You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Mar 8, 2024. It is now read-only.
Copy file name to clipboardExpand all lines: readme.md
+12Lines changed: 12 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -12,6 +12,18 @@
12
12
-[8. Use Xpring SDK with PayID](#8-use-xpring-sdk-with-payid)
13
13
-[8.1. Demo](#81-demo)
14
14
15
+
## Required Server Security
16
+
17
+
There are a few critical security measures that **MUST** be taken when running this PayID server implementation.
18
+
19
+
### TLS
20
+
21
+
TLS is a **requirement** for PayID. This PayID server implementation does not include TLS out-of-the-box, so it must be configured.
22
+
23
+
For instructions on configuring TLS with an NGINX reverse proxy for PayID, go [here](https://dev.docs.payid.org/docs/remote-deployment#nginx-reverse-proxy--ssl-setup).
24
+
25
+
For PayID security best practices, go [here](https://dev.docs.payid.org/docs/payid-best-practices).
26
+
15
27
## 4. PayID integration and the PayID APIs
16
28
17
29
You can deploy your own PayID server and then create PayIDs for your users using the PayID Private API. You can also query and modify this list of users. This API should be exposed internally only, so that only your company's systems can update PayID mappings.
0 commit comments