Open Conal-Tuohy opened 10 months ago
TroveProxy should accept keys from the client as any of X-API-KEY
header, key
URL parameter, or a cookie, and should pass the key to Trove as an X-API-KEY
header (stripping any key
parameter from the URL), and pass the key back to the client as a cookie.
Move API authentication keys from request URIs (i.e. the
key
parameter) into HTTPX-API-KEY
headers: