In order to use the v1s endpoints, an external API consumer is required to sign a short-lived JWT with each API call and include the JWS inside an Authorization header. The signed JWT payload will include a digest (sha256) of the request, for anti-tampering protection.
