Add Request Signing Support

## Overview
Add HMAC-based request signing to ensure request integrity and authenticity.

## Motivation
Request signing prevents request tampering and provides additional security beyond simple API keys.

## Proposed API

```typescript
// HMAC-based request signing
const signature = keys.sign(request, apiKey)

// Verify signature
const isValid = await keys.verifySignature(request, signature, keyId)
```

## Implementation Details

### Signing Algorithm
- Use HMAC-SHA256 by default
- Sign request body + timestamp + method + path
- Include timestamp to prevent replay attacks

### Storage Requirements
- Add signature to audit logs
- Track signature verification attempts

## Acceptance Criteria
- [ ] Implement HMAC signing
- [ ] Support custom signing algorithms
- [ ] Add timestamp validation
- [ ] Add signature verification
- [ ] Add tests for signing
- [ ] Document request signing flow
- [ ] Handle replay attacks

## Priority
Low - Advanced security feature


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Add Request Signing Support #11

Overview

Motivation

Proposed API

Implementation Details

Signing Algorithm

Storage Requirements

Acceptance Criteria

Priority

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Uh oh!

Add Request Signing Support #11

Description

Overview

Motivation

Proposed API

Implementation Details

Signing Algorithm

Storage Requirements

Acceptance Criteria

Priority

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions