[tempest_]

Back in the day I worked at a place that had HMAC signing on an http endpoint.

50% of the support issues were because people could not properly sign requests and it caused me to learn how to make http in all sorts of crap to help support them.

[danscan]

Easy to imagine that haha. That’s part of the reason I’d lean on a standard like JOSE and make signing happen automatically for users who prefer to use an SDK