I have some trouble using the management API.
I think I have understood the process, but I can’t succeed to get it working.
Actually, I understand that each APP ( peatio, barong, applogic ) should sign their data with private key before sending it to the other app ( ex : applogic > peatio, for withdraws ).
So, applogic should sign their data with it’s own private key, send it to peatio which should verify the sender with applogic’s public key. Then, peatio will answer to applogic and sign token with peatio’s private key, and then applogic will verify with peatio’s public key.
The problem is that I don’t find where to store the private key for each apps.
I think I have misunderstood something.
The JWT_PUBLIC_KEY in application.yml is related to same key as in management_api_v1.yml ?
Why (and how) it is possible tu multisign request ?