+- Orbit OS -- Forums (https://forum.orbit-os.org)
+-- Forum: Development & SDKs (https://forum.orbit-os.org/forumdisplay.php?fid=7)
+--- Forum: SDKs & APIs (https://forum.orbit-os.org/forumdisplay.php?fid=8)
+--- Thread: SDK auth best practices for service-to-service calls? (/showthread.php?tid=25)
SDK auth best practices for service-to-service calls? - Evanildo - 04-25-2026
For SDK-based integrations, what auth pattern do you recommend between internal services?
I want something simple for dev, but secure enough for production migration.
Token rotation strategy suggestions are very welcome.
RE: SDK auth best practices for service-to-service calls? - PeterGames - 04-25-2026
Good direction. Recommended baseline:
- short-lived tokens
- strict scope per service
- regular key rotation
- full audit logging for privileged actions
We are drafting an SDK auth guide and will share it soon.