move sidekick origin from `admin.hlx.page` to `admin.aem.live`

[davidnuescheler]

it would be great to move sidekick away from admin.hlx.page to admin.aem.live.

i think this is potentially a risky change as it may have impact for people who rely on sidekick auth for plugins that send auth to admin

[rofe]

Admin login tokens are short-lived and need to be refreshed on sidekick version updates anyway, so I don't think that wouyld be the main issue.

I think that the biggest issue will be customers with strict CSPs (we already got a glimpse of it when we switched from www.hlx.live to www.aem.live) so we'll have to communicate this change to our customers well in advance, and maybe even add a temporary fallback mechanism in case the request to admin.aem.live is failing...

[davidnuescheler]

after some consideration, i think we should use admin.aem.live as a way to create a breaking admin API revamp, so let's not change to admin.hlx.live at this point. i will close this issue.